Nothing specific, just very very slow.


#1
Chad Oneal

This Lenovo is a pretty old unit. It runs WinXP and the hard drive is 75% full. However, I am usually able to stay on top of it and keep the unit running very smoothly. I typically run Malwarebytes and use AVG Free to keep the system clean, but today I used SuperAntiSpyware, which I used to use all the time until it was no longer listed in the MalwareRemoval Guide. It did rid the system of some adware and toolbar stuff that Malwarebytes was not finding. Hopefully you can see some issues I cannot find?!


OTL logfile created on: 11/16/2011 6:25:28 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Chad\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 2.23 Gb Available Physical Memory | 74.65% Memory free
4.83 Gb Paging File | 4.14 Gb Available in Paging File | 85.75% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.12 Gb Total Space | 6.48 Gb Free Space | 4.53% Space Free | Partition Type: NTFS
Drive E: | 572.55 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LENOVO-7BC18E34 | User Name: Chad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/16 18:25:12 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chad\My Documents\Downloads\OTL.exe
PRC - [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/10/24 19:29:34 | 002,398,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgfws.exe
PRC - [2011/10/24 19:29:16 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/10/18 05:14:54 | 001,229,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/10/12 05:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/10/10 05:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011/10/06 19:43:38 | 000,246,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
PRC - [2011/09/08 19:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/15 05:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/07/27 06:06:44 | 000,267,488 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2011/07/25 22:14:00 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Lenovo\System Update\SUService.exe
PRC - [2011/06/15 16:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/02/20 08:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/05 13:03:16 | 000,228,480 | ---- | M] (Digital Business Processes) -- C:\Program Files\Common Files\NeatReceipts\DB Controller\NeatReceiptsDBController.exe
PRC - [2007/08/03 18:10:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2007/07/05 17:05:04 | 000,065,536 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
PRC - [2007/07/05 17:04:18 | 000,114,688 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
PRC - [2007/07/05 17:03:32 | 000,184,320 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
PRC - [2007/06/22 13:45:54 | 000,106,496 | ---- | M] (AuthenTec,Inc) -- C:\WINDOWS\system32\FpLogonServ.exe
PRC - [2007/04/08 20:24:32 | 000,054,832 | ---- | M] (Lenovo.) -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe
PRC - [2007/03/07 08:51:52 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\LxrSII1s.exe
PRC - [2007/02/08 15:11:32 | 000,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
PRC - [2007/02/08 15:00:06 | 000,022,016 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
PRC - [2007/01/29 22:01:26 | 000,108,080 | ---- | M] (Lenovo Group Limited) -- C:\WINDOWS\system32\IPSSVC.EXE
PRC - [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/11/11 23:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
PRC - [2006/11/02 22:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2006/04/17 19:00:10 | 000,028,672 | ---- | M] (Wistron Corp.) -- C:\Program Files\PM Agent\WisFnCtrlSvc.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/08 15:46:02 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011/11/07 22:02:56 | 000,420,920 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\ppgooglenaclpluginchrome.dll
MOD - [2011/11/07 22:02:55 | 003,702,840 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\pdf.dll
MOD - [2011/11/07 22:01:20 | 000,122,952 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\avutil-51.dll
MOD - [2011/11/07 22:01:19 | 000,222,280 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\avformat-53.dll
MOD - [2011/11/07 22:01:17 | 001,746,504 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\avcodec-53.dll
MOD - [2011/11/07 18:44:56 | 008,593,056 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\gcswf32.dll
MOD - [2011/10/21 22:22:01 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll
MOD - [2011/10/21 22:21:40 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MOD - [2011/10/21 22:21:14 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011/10/21 21:56:42 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011/10/21 21:56:36 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011/10/21 21:56:20 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011/10/21 21:54:26 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011/10/21 16:12:56 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/10/06 19:43:38 | 000,246,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
MOD - [2011/07/27 06:06:44 | 000,267,488 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008/02/05 13:03:18 | 000,114,688 | ---- | M] () -- C:\Program Files\Common Files\NeatReceipts\DB Controller\DigitalBP.SPI.Core.dll
MOD - [2008/02/05 13:03:16 | 000,049,152 | ---- | M] () -- C:\Program Files\Common Files\NeatReceipts\DB Controller\DigitalBP.Core.dll
MOD - [2007/04/16 13:17:32 | 000,118,784 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2007/04/14 08:30:56 | 000,139,264 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\CDRecord.dll
MOD - [2007/03/07 08:51:52 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\LxrSII1s.exe
MOD - [2007/02/08 15:11:32 | 000,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
MOD - [2007/02/08 15:00:06 | 000,022,016 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
MOD - [2006/12/13 21:06:42 | 000,028,672 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\tphklock.dll
MOD - [2006/11/20 20:04:06 | 000,856,064 | ---- | M] () -- C:\Program Files\Lenovo Fingerprint Software\SharedResources.dll
MOD - [2006/11/02 22:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/10/24 19:29:34 | 002,398,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2011/10/12 05:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/10/06 19:43:38 | 000,246,600 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/07/27 06:06:44 | 000,267,488 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2011/07/25 22:14:00 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2011/07/07 18:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 16:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/02/20 08:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/10/15 16:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) [Auto | Stopped] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)
SRV - [2008/02/05 13:03:16 | 000,228,480 | ---- | M] (Digital Business Processes) [Auto | Running] -- C:\Program Files\Common Files\NeatReceipts\DB Controller\NeatReceiptsDBController.exe -- (NeatReceipts Database Controller)
SRV - [2007/08/03 18:10:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007/07/05 17:05:04 | 000,065,536 | ---- | M] (Lenovo ) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2007/07/05 17:03:32 | 000,184,320 | ---- | M] (Lenovo ) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2007/06/22 13:45:54 | 000,106,496 | ---- | M] (AuthenTec,Inc) [Auto | Running] -- C:\WINDOWS\system32\FpLogonServ.exe -- (FingerprintServer)
SRV - [2007/04/08 20:24:32 | 000,054,832 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe -- (FNF5SVC)
SRV - [2007/03/07 08:51:52 | 000,049,152 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)
SRV - [2007/02/08 15:11:32 | 000,569,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2007/01/29 22:01:26 | 000,108,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\WINDOWS\system32\IPSSVC.EXE -- (IPSSVC)
SRV - [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/11/11 23:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2006/11/02 22:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/04/17 19:00:10 | 000,028,672 | ---- | M] (Wistron Corp.) [Auto | Running] -- C:\Program Files\PM Agent\WisFnCtrlSvc.exe -- (WisFnCtrlSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/10/07 05:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 05:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/13 05:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 05:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/07/11 00:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 00:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 00:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/07/11 00:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/05/23 00:03:20 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2011/05/23 00:03:20 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2010/05/07 17:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2010/05/07 13:53:30 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2010/05/07 13:53:14 | 006,842,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam C260(UVC)
DRV - [2010/05/07 13:51:32 | 000,276,448 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/05/07 13:51:20 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2009/02/24 17:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/11/18 16:47:53 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008/11/18 16:47:49 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2007/08/15 06:27:18 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\n558.sys -- (n558)
DRV - [2007/07/02 18:19:38 | 000,763,688 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BisonCam.sys -- (Cam5603D)
DRV - [2007/06/16 23:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007/05/22 02:59:34 | 000,021,376 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2007/04/30 08:37:20 | 002,206,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel®
DRV - [2007/04/09 13:03:00 | 000,012,848 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS -- (TSMAPIP)
DRV - [2007/04/02 13:24:08 | 000,004,224 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\IBMBLDID.sys -- (IBMTPCHK)
DRV - [2007/03/29 17:19:36 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/03/22 00:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/08 02:03:56 | 000,625,664 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2007/03/07 08:51:52 | 000,072,672 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LxrSII1d.sys -- (LxrSII1d)
DRV - [2007/02/24 16:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/16 17:46:00 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/01/23 18:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/12 20:41:20 | 000,862,922 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/11/08 02:00:10 | 000,989,696 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/11/08 01:59:34 | 000,209,152 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/11/08 01:59:30 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006/11/06 03:23:24 | 000,012,080 | ---- | M] (Lenovo Group Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PROCDD.SYS -- (PROCDD)
DRV - [2006/10/29 20:51:40 | 000,067,672 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2005/11/08 11:27:20 | 000,011,520 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ANC.sys -- (ANC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.co...me/3000notebook [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.co...me/3000notebook [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.co...me/3000notebook [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...l_date=20110909
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Chad\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/11/16 17:34:01 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.c...pr&d=2011-10-06 20:43:38&v=8.0.0.34&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.goog...outputEncoding}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java™ Platform SE 6 U12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java™ Platform SE 6 U12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\Chad\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1857_0\

O1 HOSTS File: ([2009/03/18 12:47:23 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../pcpitstop2.dll (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{416E8471-F1FA-4624-94F1-351DCA42CF15}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\ACNotify: DllName - (ACNotify.dll) - C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo )
O20 - Winlogon\Notify\ATFUS: DllName - (C:\WINDOWS\system32\FpWinLogonNp.dll) - C:\WINDOWS\system32\FpWinlogonNp.dll (AuthenTec,Inc)
O20 - Winlogon\Notify\tphotkey: DllName - (C:\Program Files\Lenovo\HOTKEY\tphklock.dll) - C:\Program Files\Lenovo\HOTKEY\tphklock.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/04/30 02:13:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/11/10 19:44:37 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{a3512412-40ac-11de-a72c-001f3adcc53d}\Shell - "" = AutoRun
O33 - MountPoints2\{a3512412-40ac-11de-a72c-001f3adcc53d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a3512412-40ac-11de-a72c-001f3adcc53d}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/16 17:44:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Application Data\SUPERAntiSpyware.com
[2011/11/16 17:44:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/11/16 17:24:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Desktop\Nealy
[2011/11/13 21:51:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Application Data\com.socialbox.socialbox
[2011/11/13 21:51:12 | 000,000,000 | ---D | C] -- C:\Program Files\Socialbox
[2011/11/11 23:15:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Chad\Recent
[2011/11/11 01:39:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Application Data\FileZilla
[2011/11/11 01:39:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileZilla FTP Client
[2011/11/11 01:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2011/11/11 01:34:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Local Settings\Application Data\GlobalSCAPE
[2011/11/11 01:34:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Application Data\GlobalSCAPE
[2011/11/11 01:34:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GlobalSCAPE
[2011/11/11 01:33:59 | 000,000,000 | ---D | C] -- C:\Program Files\GlobalSCAPE
[2011/11/11 01:33:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\GlobalSCAPE
[2011/11/09 11:51:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2011/10/27 11:40:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Start Menu\Programs\Age Of Empires 2 & The Conquerors Expansion - Full Game
[2011/10/27 11:39:35 | 000,000,000 | ---D | C] -- C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game
[2011/10/27 07:18:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Local Settings\Application Data\Identities
[2011/10/25 02:24:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/10/25 02:23:33 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/10/25 02:23:27 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/10/25 02:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/10/22 21:43:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Desktop\iPodContent
[2011/10/21 15:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011/10/20 22:51:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Local Settings\Application Data\Spotify
[2011/10/20 22:51:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Application Data\Spotify
[2008/10/27 12:38:54 | 000,095,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[2008/10/27 12:37:34 | 001,692,496 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2008/10/27 12:36:58 | 000,526,160 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe

========== Files - Modified Within 30 Days ==========

[2011/11/16 18:24:42 | 000,530,464 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/16 18:24:42 | 000,098,828 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/16 18:20:50 | 000,025,269 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI
[2011/11/16 18:20:28 | 000,000,380 | ---- | M] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2011/11/16 18:20:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/16 18:20:24 | 3211,186,176 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/16 18:03:01 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009UA.job
[2011/11/16 17:47:18 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009UA.job
[2011/11/16 17:44:15 | 000,001,685 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/11/16 17:38:27 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/16 17:25:10 | 000,000,211 | -H-- | M] () -- C:\boot.ini
[2011/11/16 16:04:20 | 109,888,454 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/11/16 15:57:41 | 000,029,772 | ---- | M] () -- C:\WINDOWS\KernelMessage
[2011/11/15 23:47:00 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009Core.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2011/11/15 21:31:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/11/15 18:36:16 | 109,857,108 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm.old
[2011/11/14 19:01:24 | 000,062,976 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/14 18:39:28 | 000,007,221 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\Free Online MMPI-2 Test and Scoring.htm
[2011/11/14 18:35:34 | 000,133,125 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/11/14 09:03:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009Core.job
[2011/11/13 21:51:13 | 000,000,647 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Socialbox.lnk
[2011/11/12 15:04:23 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Chad\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/11/12 15:04:22 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\Google Chrome.lnk
[2011/11/11 01:34:05 | 000,001,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CuteFTP 8 Lite.lnk
[2011/11/09 18:03:22 | 000,617,316 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2011/11/06 00:24:44 | 000,061,542 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\298880_2354542715738_1615311521_2344231_295436652_n.jpg
[2011/11/06 00:24:37 | 000,069,598 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\296092_2358188006868_1615311521_2347173_1587254469_n.jpg
[2011/11/06 00:24:30 | 000,060,224 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\305760_2358188846889_1615311521_2347174_1191725054_n.jpg
[2011/11/06 00:24:26 | 000,067,623 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\316983_2358194407028_1615311521_2347175_1049486392_n.jpg
[2011/11/06 00:13:09 | 000,068,009 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\298104_2358186166822_1615311521_2347167_414038111_n.jpg
[2011/11/06 00:12:48 | 000,074,368 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\302682_2358381331701_1615311521_2347270_1834447535_n.jpg
[2011/11/04 08:07:02 | 000,000,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/10/30 13:25:01 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Chad\Application Data\winscp.rnd
[2011/10/30 02:06:14 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\updateall.cfg
[2011/10/29 22:23:48 | 000,058,834 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\torquehp.html
[2011/10/27 11:40:47 | 000,000,877 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\AOCCONFIG.lnk
[2011/10/27 11:40:46 | 000,001,011 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\Age2.lnk
[2011/10/27 11:40:45 | 000,001,018 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\Empires2.lnk
[2011/10/27 06:15:26 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/10/25 02:24:40 | 000,001,549 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/10/23 03:50:23 | 029,203,460 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\Pimsleur - Greek I - Lesson 01.mp3
[2011/10/22 00:24:56 | 000,000,513 | ---- | M] () -- C:\Documents and Settings\Chad\Application Data\com.plutinosoft.idemo.plist
[2011/10/21 21:51:23 | 000,286,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/21 15:40:20 | 000,000,916 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/10/21 12:34:03 | 004,731,859 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\complaintforequitablerelieffiled.pdf
[2011/10/21 12:34:02 | 000,193,064 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\complainttocompelshareholdermeetingfiled.pdf
[2011/10/21 12:33:58 | 000,065,671 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\affidavitofanthonymoore.pdf
[2011/10/21 12:33:50 | 000,068,459 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\affidavitofgarypetty.pdf

========== Files Created - No Company Name ==========

[2011/11/16 17:44:15 | 000,001,685 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/11/14 18:39:27 | 000,007,221 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\Free Online MMPI-2 Test and Scoring.htm
[2011/11/13 21:51:13 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Socialbox.lnk
[2011/11/13 21:51:13 | 000,000,647 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Socialbox.lnk
[2011/11/11 01:34:05 | 000,001,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CuteFTP 8 Lite.lnk
[2011/11/06 00:24:45 | 000,061,542 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\298880_2354542715738_1615311521_2344231_295436652_n.jpg
[2011/11/06 00:24:38 | 000,069,598 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\296092_2358188006868_1615311521_2347173_1587254469_n.jpg
[2011/11/06 00:24:31 | 000,060,224 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\305760_2358188846889_1615311521_2347174_1191725054_n.jpg
[2011/11/06 00:24:27 | 000,067,623 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\316983_2358194407028_1615311521_2347175_1049486392_n.jpg
[2011/11/06 00:13:10 | 000,068,009 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\298104_2358186166822_1615311521_2347167_414038111_n.jpg
[2011/11/06 00:12:51 | 000,074,368 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\302682_2358381331701_1615311521_2347270_1834447535_n.jpg
[2011/10/30 02:06:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\updateall.cfg
[2011/10/29 22:23:48 | 000,058,834 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\torquehp.html
[2011/10/27 11:40:47 | 000,000,877 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\AOCCONFIG.lnk
[2011/10/27 11:40:46 | 000,001,011 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\Age2.lnk
[2011/10/27 11:40:45 | 000,001,018 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\Empires2.lnk
[2011/10/25 02:24:40 | 000,001,549 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/10/21 12:34:02 | 000,193,064 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\complainttocompelshareholdermeetingfiled.pdf
[2011/10/21 12:33:58 | 000,065,671 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\affidavitofanthonymoore.pdf
[2011/10/21 12:33:56 | 004,731,859 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\complaintforequitablerelieffiled.pdf
[2011/10/21 12:33:53 | 000,068,459 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\affidavitofgarypetty.pdf
[2011/10/20 01:15:53 | 029,203,460 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\Pimsleur - Greek I - Lesson 01.mp3
[2011/09/17 21:37:32 | 000,514,320 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-261478415-2542434305-4085094211-1009-0.dat
[2011/09/17 21:37:31 | 000,283,230 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/09/16 02:54:48 | 000,000,513 | ---- | C] () -- C:\Documents and Settings\Chad\Application Data\com.plutinosoft.idemo.plist
[2011/09/15 23:53:13 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Chad\Application Data\winscp.rnd
[2011/08/19 15:45:47 | 000,171,896 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/07/15 01:23:37 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/03 04:24:10 | 000,062,976 | ---- | C] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2010/05/27 23:01:19 | 000,001,045 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/05/27 22:59:45 | 000,088,576 | R--- | C] () -- C:\WINDOWS\RAUNINST.EXE
[2010/05/07 17:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010/05/07 17:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2010/05/07 13:44:36 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010/05/07 13:44:16 | 005,496,152 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010/05/07 13:44:16 | 000,102,744 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2010/05/07 13:24:46 | 000,090,071 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/05/14 12:38:36 | 000,072,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrSII1d.sys
[2009/05/14 12:38:36 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\LxrSII1s.exe
[2009/03/19 08:18:15 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\GetInst32.dll
[2009/03/18 12:23:50 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/03/18 12:23:50 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/03/18 12:23:48 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/03/18 12:23:48 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/03/18 12:23:48 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/03/18 12:23:47 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/03/18 11:56:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/03/18 11:56:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/03/18 11:56:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/03/18 11:56:35 | 000,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe
[2009/01/12 10:38:26 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009/01/12 10:38:25 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2008/12/11 15:02:35 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/10/27 12:38:20 | 013,265,184 | ---- | C] () -- C:\Program Files\dxnt.cab
[2008/10/27 12:38:20 | 004,163,646 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab
[2008/10/27 12:38:20 | 001,907,944 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x64.cab
[2008/10/27 12:38:20 | 001,803,074 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x64.cab
[2008/10/27 12:38:18 | 001,801,176 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab
[2008/10/27 12:38:18 | 001,795,100 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab
[2008/10/27 12:38:18 | 001,793,624 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab
[2008/10/27 12:38:18 | 001,770,878 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab
[2008/10/27 12:38:18 | 001,710,376 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x86.cab
[2008/10/27 12:38:18 | 001,709,168 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab
[2008/10/27 12:38:18 | 001,608,374 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab
[2008/10/27 12:38:16 | 001,608,790 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab
[2008/10/27 12:38:16 | 001,608,302 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab
[2008/10/27 12:38:16 | 001,607,055 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab
[2008/10/27 12:38:16 | 001,575,392 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab
[2008/10/27 12:38:16 | 001,572,170 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab
[2008/10/27 12:38:14 | 001,551,228 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x86.cab
[2008/10/27 12:38:14 | 001,465,688 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab
[2008/10/27 12:38:14 | 001,464,894 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab
[2008/10/27 12:38:14 | 001,413,918 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab
[2008/10/27 12:38:14 | 001,363,812 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab
[2008/10/27 12:38:14 | 001,358,992 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab
[2008/10/27 12:38:12 | 001,444,298 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab
[2008/10/27 12:38:12 | 001,398,846 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab
[2008/10/27 12:38:12 | 001,351,558 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab
[2008/10/27 12:38:10 | 001,348,370 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab
[2008/10/27 12:38:10 | 001,337,018 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab
[2008/10/27 12:38:10 | 001,248,515 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab
[2008/10/27 12:38:10 | 001,156,507 | ---- | C] () -- C:\Program Files\BDANT.cab
[2008/10/27 12:38:10 | 001,128,233 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab
[2008/10/27 12:38:10 | 001,116,237 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab
[2008/10/27 12:38:10 | 001,080,472 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab
[2008/10/27 12:38:08 | 001,085,736 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab
[2008/10/27 12:38:08 | 001,079,978 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab
[2008/10/27 12:38:08 | 001,078,660 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab
[2008/10/27 12:38:08 | 001,065,941 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab
[2008/10/27 12:38:08 | 001,014,241 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab
[2008/10/27 12:38:08 | 000,995,154 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x64.cab
[2008/10/27 12:38:08 | 000,122,810 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x64.cab
[2008/10/27 12:38:08 | 000,097,833 | ---- | C] () -- C:\Program Files\APR2007_xinput_x64.cab
[2008/10/27 12:38:08 | 000,094,750 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab
[2008/10/27 12:38:04 | 000,976,164 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2008/10/27 12:38:04 | 000,966,445 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x86.cab
[2008/10/27 12:38:04 | 000,917,446 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab
[2008/10/27 12:38:04 | 000,868,844 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab
[2008/10/27 12:38:04 | 000,868,628 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab
[2008/10/27 12:38:04 | 000,865,616 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x64.cab
[2008/10/27 12:38:04 | 000,853,302 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab
[2008/10/27 12:38:04 | 000,850,935 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab
[2008/10/27 12:38:04 | 000,096,053 | ---- | C] () -- C:\Program Files\dxupdate.cab
[2008/10/27 12:38:04 | 000,094,144 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x86.cab
[2008/10/27 12:38:04 | 000,055,538 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x64.cab
[2008/10/27 12:38:04 | 000,045,464 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab
[2008/10/27 12:38:02 | 000,850,183 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab
[2008/10/27 12:38:02 | 000,845,900 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab
[2008/10/27 12:38:02 | 000,819,276 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab
[2008/10/27 12:38:02 | 000,094,028 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x86.cab
[2008/10/27 12:38:02 | 000,093,700 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x86.cab
[2008/10/27 12:38:02 | 000,088,158 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x64.cab
[2008/10/27 12:38:02 | 000,088,117 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab
[2008/10/27 12:38:02 | 000,087,053 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab
[2008/10/27 12:38:02 | 000,056,170 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab
[2008/10/27 12:38:02 | 000,056,074 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab
[2008/10/27 12:38:02 | 000,054,318 | ---- | C] () -- C:\Program Files\APR2007_xinput_x86.cab
[2008/10/27 12:38:02 | 000,047,160 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab
[2008/10/27 12:38:02 | 000,047,074 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x86.cab
[2008/10/27 12:38:02 | 000,046,375 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab
[2008/10/27 12:38:02 | 000,022,921 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab
[2008/10/27 12:38:02 | 000,022,867 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x86.cab
[2008/10/27 12:38:02 | 000,019,512 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab
[2008/10/27 12:38:00 | 000,804,900 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x86.cab
[2008/10/27 12:38:00 | 000,797,883 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab
[2008/10/27 12:38:00 | 000,700,060 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab
[2008/10/27 12:38:00 | 000,699,628 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab
[2008/10/27 12:38:00 | 000,047,026 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab
[2008/10/27 12:38:00 | 000,022,883 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab
[2008/10/27 12:37:58 | 000,699,488 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab
[2008/10/27 12:37:58 | 000,696,881 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab
[2008/10/27 12:37:58 | 000,272,384 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x64.cab
[2008/10/27 12:37:58 | 000,270,858 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x86.cab
[2008/10/27 12:37:58 | 000,270,644 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x64.cab
[2008/10/27 12:37:54 | 000,274,976 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x64.cab
[2008/10/27 12:37:54 | 000,273,627 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x86.cab
[2008/10/27 12:37:52 | 000,270,040 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x86.cab
[2008/10/27 12:37:52 | 000,252,210 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab
[2008/10/27 12:37:52 | 000,227,266 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab
[2008/10/27 12:37:52 | 000,199,112 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x64.cab
[2008/10/27 12:37:50 | 000,213,823 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab
[2008/10/27 12:37:50 | 000,198,138 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x64.cab
[2008/10/27 12:37:50 | 000,193,491 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x64.cab
[2008/10/27 12:37:48 | 000,197,778 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab
[2008/10/27 12:37:48 | 000,196,782 | ---- | C] () -- C:\Program Files\APR2007_XACT_x64.cab
[2008/10/27 12:37:48 | 000,195,691 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x64.cab
[2008/10/27 12:37:48 | 000,192,736 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab
[2008/10/27 12:37:48 | 000,183,919 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x64.cab
[2008/10/27 12:37:48 | 000,183,377 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab
[2008/10/27 12:37:46 | 000,181,801 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x64.cab
[2008/10/27 12:37:46 | 000,180,149 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab
[2008/10/27 12:37:46 | 000,179,375 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x64.cab
[2008/10/27 12:37:46 | 000,154,028 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x86.cab
[2008/10/27 12:37:44 | 000,153,925 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x86.cab
[2008/10/27 12:37:44 | 000,152,241 | ---- | C] () -- C:\Program Files\APR2007_XACT_x86.cab
[2008/10/27 12:37:42 | 000,149,280 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x86.cab
[2008/10/27 12:37:42 | 000,148,999 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x86.cab
[2008/10/27 12:37:42 | 000,146,615 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x86.cab
[2008/10/27 12:37:42 | 000,139,033 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x86.cab
[2008/10/27 12:37:42 | 000,138,251 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x86.cab
[2008/10/27 12:37:40 | 000,134,687 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x86.cab
[2008/10/27 12:37:40 | 000,133,425 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x86.cab
[2008/10/27 12:37:40 | 000,123,352 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x64.cab
[2008/10/27 12:37:40 | 000,122,840 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x64.cab
[2008/10/27 12:37:40 | 000,122,070 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x64.cab
[2008/10/27 12:37:38 | 000,134,119 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab
[2008/10/21 06:51:19 | 000,000,036 | ---- | C] () -- C:\WINDOWS\Tiny_Run.ini
[2008/10/19 12:07:35 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\17C3E4AEA3.sys
[2008/10/19 04:45:04 | 000,006,110 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/10/19 04:45:04 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\BFB29CAF48.sys
[2008/08/17 08:39:45 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/08/17 08:22:18 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys
[2008/08/17 08:21:13 | 000,114,688 | ---- | C] () -- C:\WINDOWS\desktopset.exe
[2008/08/17 08:18:13 | 001,398,352 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\pswi_preloaded.exe
[2008/08/17 08:13:41 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/08/17 08:13:41 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/08/17 08:13:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/08/17 08:13:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/08/17 08:13:41 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/08/17 08:13:41 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/08/17 08:08:57 | 000,701,840 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2008/08/17 08:08:57 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4785.dll
[2008/08/17 08:08:49 | 000,356,352 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2008/08/17 08:06:53 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2008/08/17 08:06:33 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M2000Twn.ini
[2008/08/17 08:01:00 | 000,000,138 | ---- | C] () -- C:\WINDOWS\System32\Softkbd.exe.config
[2007/08/16 05:28:38 | 000,025,269 | ---- | C] () -- C:\WINDOWS\System32\PROCDB.INI
[2007/08/16 05:28:27 | 000,000,380 | ---- | C] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2007/08/15 06:27:18 | 000,009,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\n558.sys
[2007/02/09 14:54:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/11/11 23:50:38 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2006/11/02 22:40:12 | 000,174,656 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2006/04/30 02:31:51 | 000,004,670 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/04/30 02:22:10 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/04/30 02:19:56 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/04/30 02:10:07 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/04/30 01:55:59 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/04/30 01:55:55 | 000,530,464 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/04/30 01:55:55 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/04/30 01:55:55 | 000,098,828 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/04/30 01:55:55 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/04/30 01:55:54 | 000,004,547 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/04/30 01:55:52 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/04/30 01:55:50 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/04/30 01:55:44 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/04/30 01:55:44 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/04/30 01:55:37 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/04/30 01:55:28 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/04/29 19:04:28 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/04/29 19:03:29 | 000,286,112 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2001/11/14 14:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2011/11/16 17:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2008/08/17 08:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Borland
[2011/10/06 19:25:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2008/10/21 06:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Global Software Publishing
[2011/11/11 01:34:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GlobalSCAPE
[2008/10/08 10:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lenovo
[2011/10/06 17:27:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MetaQuotes
[2011/11/16 16:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/09/16 02:53:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\My
[2009/12/25 11:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeatReceipts Professional
[2009/12/25 15:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Palo Alto Software
[2009/12/25 15:57:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PAS
[2008/12/10 03:41:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2008/10/19 12:07:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaskMgr
[2011/07/15 02:48:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/10/06 19:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\AVG Secure Search
[2011/10/06 19:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\AVG2012
[2011/11/15 03:48:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\BitTorrent
[2011/11/13 21:51:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\com.socialbox.socialbox
[2011/11/11 00:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\DiskAid
[2011/09/03 00:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Elluminate
[2011/11/11 02:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\FileZilla
[2011/11/11 01:34:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\GlobalSCAPE
[2011/06/08 19:27:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Leadertech
[2009/05/13 20:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Lenovo
[2009/12/25 16:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Palo Alto Software
[2011/09/30 01:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\PriceGong
[2011/09/02 21:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Quest3D
[2011/09/02 21:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Roaming
[2011/10/20 23:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Spotify
[2011/10/22 00:32:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\TuneAid
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2011/11/15 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job
[2011/11/15 23:47:00 | 000,000,972 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009Core.job
[2011/11/16 17:47:18 | 000,000,994 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009UA.job

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 11/16/2011 6:25:28 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Chad\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 2.23 Gb Available Physical Memory | 74.65% Memory free
4.83 Gb Paging File | 4.14 Gb Available in Paging File | 85.75% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.12 Gb Total Space | 6.48 Gb Free Space | 4.53% Space Free | Partition Type: NTFS
Drive E: | 572.55 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LENOVO-7BC18E34 | User Name: Chad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\BitTorrent.exe" = C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Logitech\Vid\Vid.exe" = C:\Program Files\Logitech\Vid\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Documents and Settings\Chad\My Documents\Downloads\Spotify Installer.exe" = C:\Documents and Settings\Chad\My Documents\Downloads\Spotify Installer.exe:*:Enabled:Spotify
"C:\Documents and Settings\Chad\My Documents\Downloads\Spotify Installer (1).exe" = C:\Documents and Settings\Chad\My Documents\Downloads\Spotify Installer (1).exe:*:Enabled:Spotify
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Documents and Settings\Chad\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Chad\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0A64B3CB-B0FF-4D21-8FBB-208ED9812840}" = iDemo
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{16D0F2D2-242C-4885-BEF1-4B1655C141AE}" = Bing Bar
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20585CDC-114E-4372-986A-0686B1A37A30}" = Business Plan Pro 2007
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 12
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4447D5B5-95ED-4C4D-A9C3-1D8E892D5377}" = AVG 2012
"{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = Integrated Camera
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5CA3501B-7297-48C1-B192-08A2275D327A}" = Global Trading System Pro
"{6280149E-EFF3-4F1B-BD43-5B7EDD6F620A}" = Lenovo Care Supplement
"{65706020-7B6F-41F2-8047-FC69579E386A}" = Presentation Director
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71D74FCD-8DB9-4BEB-9C9D-1D19F2E02AE3}" = Microsoft Report Viewer Redistributable 2005
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79D56DFD-D28E-4289-BED2-32A6342A305B}" = Corel Business Center
"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections
"{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}" = InterVideo WinDVD Creator 3
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91789CDD-E83A-4186-B436-AA7A588679FD}" = NeatReceipts Database Controller
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{98BD9EA5-2DF2-445C-8C8D-057F55B3C633}" = AVG 2012
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CF7DEC7-D521-46FB-A0BA-032A13FD81AF}" = SmartAudio
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92B6797-9C07-4E25-AD96-29087D3A2AC2}" = TouchCopy 09
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B334D9AE-1393-423E-97C0-3BDC3360E692}" = Sonic Icons for Lenovo
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}" = XP Themes
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF52099A-3BEA-4C41-AEA8-1E190F04D737}" = Lenovo Care
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}" = Wallpapers
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{DEE8EE76-4C12-B53E-7460-DEF4AA45FAB9}" = Socialbox
"{E6707034-D7A4-49B1-94D0-F5AACE46F06C}" = InterVideo InstantON (remove only)
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EA5911C2-1FE1-4F3E-805C-AA432A19C6EA}" = PM Agent V1.0.0.8
"{EC422FB2-9F4D-4FB1-A5CE-5F741132EBC5}" = Lenovo Fingerprint Software
"{ED5761A3-C109-4E0E-8241-19DB67E66BED}" = CuteFTP 8 Lite
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F151F2B3-0C32-44D3-90E2-E639B8024622}" = Rescue and Recovery
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Age Of Empires 2 & The Conquerors Expansion - Full Game" = Age Of Empires 2 & The Conquerors Expansion - Full Game
"ATT-PRT22" = ATT-PRT22
"AVG" = AVG 2012
"AVG Secure Search" = AVG Security Toolbar
"AwayTask" = Maintenance Manager
"BitTorrent" = BitTorrent
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CCleaner" = CCleaner (remove only)
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_PCI_VEN_14F1&DEV_5045&SUBSYS_17AA3C19" = Soft Data Fax Modem with SmartCP
"com.socialbox.socialbox" = Socialbox
"Digital Media LE" = Roxio Digital Media LE
"DiskAid_is1" = DiskAid 4.5
"FileZilla Client" = FileZilla Client 3.5.2
"HDMI" = Intel® Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"Kali II" = Kali II
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.4.2 (Full)
"Lenovo Registration" = Lenovo Registration
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"MetaTrader 4" = MetaTrader 4
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Report Viewer Redistributable 2005" = Microsoft Report Viewer Redistributable 2005
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Myst Masterpiece Edition" = Myst Masterpiece Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OnScreenDisplay" = On Screen Display
"PCMCIAPW" = ThinkPad PC Card Power Policy
"Picasa2" = Picasa 2
"ProInst" = Intel® PROSet/Wireless Software
"RealVNC_is1" = VNC Free Edition 4.1.3
"StartNow Toolbar" = StartNow Toolbar
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The Adventures of Zak McKracken" = The Adventures of Zak McKracken
"TuneAid_is1" = TuneAid 3.04
"vGrabber" = vGrabber
"VLC media player" = VLC media player 1.1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"winscp3_is1" = WinSCP 4.3.4
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WOLAPI" = Westwood Shared Internet Components
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZC2.10w" = Zelda Classic 2.10w

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/7/2011 12:58:41 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/7/2011 12:58:41 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5193125

Error - 11/7/2011 12:58:41 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5193125

Error - 11/7/2011 12:58:43 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/7/2011 12:58:43 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5195297

Error - 11/7/2011 12:58:43 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5195297

Error - 11/7/2011 12:58:45 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/7/2011 12:58:45 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5197453

Error - 11/7/2011 12:58:45 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5197453

Error - 11/7/2011 12:58:47 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

[ System Events ]
Error - 11/16/2011 6:28:09 PM | Computer Name = LENOVO-7BC18E34 | Source = Service Control Manager | ID = 7034
Description = The TVT Backup Protection Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 11/16/2011 6:28:09 PM | Computer Name = LENOVO-7BC18E34 | Source = Service Control Manager | ID = 7034
Description = The TVT Backup Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 11/16/2011 6:28:09 PM | Computer Name = LENOVO-7BC18E34 | Source = Service Control Manager | ID = 7034
Description = The System Update service terminated unexpectedly. It has done this
1 time(s).

Error - 11/16/2011 6:28:09 PM | Computer Name = LENOVO-7BC18E34 | Source = Service Control Manager | ID = 7034
Description = The TVT Scheduler service terminated unexpectedly. It has done this
1 time(s).

Error - 11/16/2011 6:28:09 PM | Computer Name = LENOVO-7BC18E34 | Source = Service Control Manager | ID = 7034
Description = The Updater Service for StartNow Toolbar service terminated unexpectedly.
It has done this 1 time(s).

Error - 11/16/2011 6:28:10 PM | Computer Name = LENOVO-7BC18E34 | Source = Service Control Manager | ID = 7031
Description = The Windows Live ID Sign-in Assistant service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
10000 milliseconds: Restart the service.

Error - 11/16/2011 6:28:10 PM | Computer Name = LENOVO-7BC18E34 | Source = Service Control Manager | ID = 7031
Description = The Access Connections Main Service service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
60000 milliseconds: Restart the service.

Error - 11/16/2011 6:33:29 PM | Computer Name = LENOVO-7BC18E34 | Source = Service Control Manager | ID = 7034
Description = The Updater Service for StartNow Toolbar service terminated unexpectedly.
It has done this 1 time(s).

Error - 11/16/2011 6:46:35 PM | Computer Name = LENOVO-7BC18E34 | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{416E8471-F1FA-4624-94F1-351DCA42CF15}. The
backup browser is stopping.

Error - 11/16/2011 7:24:53 PM | Computer Name = LENOVO-7BC18E34 | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{416E8471-F1FA-4624-94F1-351DCA42CF15}. The
backup browser is stopping.


< End of report >

Edited by Chad Oneal, 16 November 2011 - 05:46 PM.



#2
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Hi, Chad Oneal! My nickname is CompCav and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any questions or you are unsure about anything, just ask and I will help you out. :)

If you have resolved the issues you were originally experiencing, or have received help elsewhere, please let me know so that this topic can be closed.

I am currently still in training and my posts have to be approved by an expert so please expect a delay between my posts.

Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. One of the steps I will be asking you to do requires you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.

If you are ready to get started, please review and follow these guidelines so that we resolve your issues in a timely and effective manner:
  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post.
  • Please make sure to carefully read any instructions that I give you. Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. These instructions are not suitable for any other computer, even if the issues are fairly similar.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. However, the one thing that you should always do, is to make sure your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Just do a Copy/Paste of the entire contents of the log file inside your post and submit.
  • You must reply within four days; failure to reply will result in the topic being closed!
  • Please do not PM me directly for help. If you have any questions, post them in this topic. PM me only if I have not responded to your last post in 2 days.
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to ultimately reformat your hard drive and reinstall the operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Please have the software and storage media for backing up your data available.


P2P Warning!:

IMPORTANT: I have noticed that there are signs of the BitTorrent P2P (Person to Person) File Sharing Program on your computer.

As long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.

Once upon a time, P2P file sharing was fairly safe. This is no longer true. P2P programs form a direct conduit inside your computer, their security measures are easily circumvented, and malware writers are increasingly exploiting them to spread their wares on to your computer. If your P2P program is not configured correctly, your computer may also be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

If you need convincing, please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
File sharing infects 500,000 computers
infoworld

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall BitTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

If you wish to keep them, please do not use either of them until your computer is cleaned.


Hard Drive Free Space Warning!

You have only 6.48 Gb Free Space (4.53% Space Free) and you need 10-15% free for optimal performance. Please remove any unnecessary programs or files. We can address this more after we remove temporary files if you wish.


It also looks like you ran ComboFix, please post the log it generated in your next reply.



Step 1.

Download aswMBR.exe ( 1.8mB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan


On completion of the scan click save log, save it to your desktop and post in your next reply


Step 2.

  • Download OTL to your Desktop or re run the one you already have.
  • Double click on the OTL icon to run it.
  • Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top, make sure Standard output is selected.
  • Select Scan all users
  • Under Extra Registry select Use SafeList
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scans/Fixes box copy and paste this in:

    netsvcs
    msconfig
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    iexplorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    C:\Windows\assembly\tmp\U\*.* /s
    CREATERESTOREPOINT

  • Click the Posted Image button. Do not change any settings unless otherwise told to do so. The scan won't take long.

  • When the scan completes, it will open OTL.Txt in Notepad window and the Extras.txt file on the task bar.
  • Please copy (Edit->Select All, Edit->Copy) the content of this file, the Extras.txt file, and post them with your next reply.


Step 3.

Please Post:

ComboFix.txt
aswMBR log
OTL.txt
Extras.txt

  • 0
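The OTL.txt requested in Step 2 uses one fixed line layout for processes, modules, services and drivers, so a first pass over it can be scripted. The Python below is an added example, not part of the thread and not OldTimer's code: it parses PRC/MOD/SRV/DRV lines and lists entries with a missing file, a blank company name, or a path under the user profile. The layout is inferred from the OTL logs in this thread, the sample lines are copied from them, and the three checks and all function names are this example's own assumptions.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Layout inferred from the OTL logs in this thread (an assumption, not a spec):
#   TAG - [date time | size | attrs | M] (Company) [flags] -- path -- (service name)
# PRC and MOD lines carry no [flags] and no trailing (service name).
ENTRY_RE = re.compile(
    r"^(?P<tag>PRC|MOD|SRV|DRV) - "
    r"\[(?P<stamp>[\d/]+ [\d:]+) \| (?P<size>[\d,]+) \| (?P<attrs>[A-Z-]+) \| [MC]\] "
    r"\((?P<company>.*?)\) "            # lazy: company names may contain parentheses
    r"(?:\[(?P<flags>[^\]]+)\] )?"
    r"-- (?P<path>.+?)"
    r"(?: -- \((?P<name>.+?)\).*)?$"
)
# Registered service or driver whose binary is gone.
MISSING_RE = re.compile(
    r"^(?P<tag>SRV|DRV) - File not found \[(?P<flags>[^\]]+)\] "
    r"-- (?P<path>.*?) ?-- \((?P<name>.+?)\)"
)
USER_PROFILE_PREFIX = "c:\\documents and settings\\"  # Windows XP profile root


@dataclass
class Entry:
    tag: str
    company: str
    flags: Optional[str]
    path: str
    name: Optional[str]
    size: Optional[int]
    missing: bool


def parse_line(line: str) -> Optional[Entry]:
    """Return an Entry for a PRC/MOD/SRV/DRV line, or None for anything else."""
    line = line.strip()
    m = MISSING_RE.match(line)
    if m:
        return Entry(m["tag"], "", m["flags"], m["path"], m["name"], None, True)
    m = ENTRY_RE.match(line)
    if not m:
        return None
    return Entry(m["tag"], m["company"].strip(), m["flags"], m["path"],
                 m["name"], int(m["size"].replace(",", "")), False)


def triage(lines) -> List[Tuple[str, str, List[str]]]:
    """List (tag, service-name-or-path, reasons) for entries worth a manual look.

    The checks are review prompts, not verdicts: legitimate software trips
    each of them, as the sample below shows.
    """
    findings = []
    for raw in lines:
        entry = parse_line(raw)
        if entry is None:
            continue
        reasons = []
        if entry.missing:
            reasons.append("file not found")
        else:
            if not entry.company:
                reasons.append("no company name")
            if entry.path.lower().startswith(USER_PROFILE_PREFIX):
                reasons.append("runs from user profile")
        if reasons:
            findings.append((entry.tag, entry.name or entry.path, reasons))
    return findings


# Sample lines copied from the OTL logs posted in this thread.
SAMPLE_LOG = r"""
PRC - [2011/11/16 22:07:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chad\Desktop\OTL (1).exe
PRC - [2011/10/24 19:29:34 | 002,398,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgfws.exe
PRC - [2007/03/07 08:51:52 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\LxrSII1s.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2006/11/02 22:40:12 | 000,174,656 | ---- | M] () [Auto | Start_Pending] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
DRV - [2008/11/18 16:47:53 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2007/08/15 06:27:18 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\n558.sys -- (n558)
"""

if __name__ == "__main__":
    for tag, what, reasons in triage(SAMPLE_LOG.splitlines()):
        print(f"{tag}  {what}  ->  {', '.join(reasons)}")
```

The OTL executable itself is flagged here because it runs from the Desktop, which is why each hit still needs a person to read it.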

#3
Chad Oneal

CompCav:

Congratulations on making it to a Senior in GeekUniversity. Hopefully I will soon have some free time to commit to going through it myself!!


Hard Drive Free Space Warning!

You have only 6.48 Gb Free Space (4.53% Space Free) and you need 10-15% free for optimal performance. Please remove any unnecessary programs or files. We can address this more after we remove temporary files if you wish.


I uninstalled many programs, including BitTorrent as you suggested.


It also looks like you ran ComboFix, please post the log it generated in your next reply.

I have not used CCleaner in many years, only when instructed to. I looked around, and found a log from 2009 on my hard drive that may have misled you. I won't bother posting it.

Here are my logs.

aswMBR

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-11-16 22:03:55
-----------------------------
22:03:55.734 OS Version: Windows 5.1.2600 Service Pack 3
22:03:55.734 Number of processors: 2 586 0xF0D
22:03:55.734 ComputerName: LENOVO-7BC18E34 UserName: Chad
22:03:57.062 Initialize success
22:04:21.250 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
22:04:21.250 Disk 0 Vendor: WDC_WD16 08.0 Size: 152627MB BusType: 3
22:04:21.265 Disk 0 MBR read successfully
22:04:21.265 Disk 0 MBR scan
22:04:21.265 Disk 0 unknown MBR code
22:04:21.265 Disk 0 scanning sectors +312576705
22:04:21.343 Disk 0 scanning C:\WINDOWS\system32\drivers
22:04:31.656 Service scanning
22:04:32.843 Modules scanning
22:04:37.640 Disk 0 trace - called modules:
22:04:37.656 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
22:04:37.656 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ad52478]
22:04:37.656 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000087[0x8ad2f4d0]
22:04:37.671 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8a7f8030]
22:04:38.031 Scan finished successfully
22:04:48.765 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Chad\Desktop\MBR.dat"
22:04:48.765 The log file has been saved successfully to "C:\Documents and Settings\Chad\Desktop\aswMBR.txt"






OTL.txt

OTL logfile created on: 11/16/2011 10:09:22 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Chad\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 2.16 Gb Available Physical Memory | 72.34% Memory free
4.83 Gb Paging File | 4.00 Gb Available in Paging File | 82.84% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.12 Gb Total Space | 6.50 Gb Free Space | 4.54% Space Free | Partition Type: NTFS
Drive E: | 572.55 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LENOVO-7BC18E34 | User Name: Chad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/16 22:07:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chad\Desktop\OTL (1).exe
PRC - [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/10/24 19:29:34 | 002,398,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgfws.exe
PRC - [2011/10/24 19:29:16 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/10/18 05:14:54 | 001,229,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/10/12 05:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/10/10 05:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011/10/06 19:43:38 | 000,246,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
PRC - [2011/09/26 12:27:08 | 000,024,216 | ---- | M] (PC Pitstop LLC) -- C:\Program Files\PCPitstop\Info Center\InfoCenter.exe
PRC - [2011/09/08 19:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/15 05:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/07/25 22:14:00 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Lenovo\System Update\SUService.exe
PRC - [2011/06/15 16:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/02/20 08:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/05 13:03:16 | 000,228,480 | ---- | M] (Digital Business Processes) -- C:\Program Files\Common Files\NeatReceipts\DB Controller\NeatReceiptsDBController.exe
PRC - [2007/08/03 18:10:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2007/07/05 17:05:04 | 000,065,536 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
PRC - [2007/07/05 17:04:18 | 000,114,688 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
PRC - [2007/07/05 17:03:32 | 000,184,320 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
PRC - [2007/06/22 13:45:54 | 000,106,496 | ---- | M] (AuthenTec,Inc) -- C:\WINDOWS\system32\FpLogonServ.exe
PRC - [2007/04/08 20:24:32 | 000,054,832 | ---- | M] (Lenovo.) -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe
PRC - [2007/03/07 08:51:52 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\LxrSII1s.exe
PRC - [2007/02/08 15:11:32 | 000,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
PRC - [2007/02/08 15:00:06 | 000,022,016 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
PRC - [2007/01/29 22:01:26 | 000,108,080 | ---- | M] (Lenovo Group Limited) -- C:\WINDOWS\system32\IPSSVC.EXE
PRC - [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/11/11 23:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
PRC - [2006/11/02 22:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2006/04/17 19:00:10 | 000,028,672 | ---- | M] (Wistron Corp.) -- C:\Program Files\PM Agent\WisFnCtrlSvc.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/08 15:46:02 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011/11/07 22:02:56 | 000,420,920 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\ppgooglenaclpluginchrome.dll
MOD - [2011/11/07 22:02:55 | 003,702,840 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\pdf.dll
MOD - [2011/11/07 22:01:20 | 000,122,952 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\avutil-51.dll
MOD - [2011/11/07 22:01:19 | 000,222,280 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\avformat-53.dll
MOD - [2011/11/07 22:01:17 | 001,746,504 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\avcodec-53.dll
MOD - [2011/11/07 18:44:56 | 008,593,056 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\gcswf32.dll
MOD - [2011/10/21 22:22:01 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll
MOD - [2011/10/21 22:21:40 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MOD - [2011/10/21 22:21:14 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011/10/21 21:56:42 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011/10/21 21:56:36 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011/10/21 21:56:20 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011/10/21 21:54:26 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011/10/21 16:12:56 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/10/06 19:43:38 | 000,246,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008/02/05 13:03:18 | 000,114,688 | ---- | M] () -- C:\Program Files\Common Files\NeatReceipts\DB Controller\DigitalBP.SPI.Core.dll
MOD - [2008/02/05 13:03:16 | 000,049,152 | ---- | M] () -- C:\Program Files\Common Files\NeatReceipts\DB Controller\DigitalBP.Core.dll
MOD - [2007/04/16 13:17:32 | 000,118,784 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2007/04/14 08:30:56 | 000,139,264 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\CDRecord.dll
MOD - [2007/03/07 08:51:52 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\LxrSII1s.exe
MOD - [2007/02/08 15:11:32 | 000,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
MOD - [2007/02/08 15:00:06 | 000,022,016 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
MOD - [2006/12/13 21:06:42 | 000,028,672 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\tphklock.dll
MOD - [2006/11/20 20:04:06 | 000,856,064 | ---- | M] () -- C:\Program Files\Lenovo Fingerprint Software\SharedResources.dll
MOD - [2006/11/02 22:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/10/24 19:29:34 | 002,398,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2011/10/12 05:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/10/06 19:43:38 | 000,246,600 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/07/25 22:14:00 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2011/07/07 18:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 16:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/02/20 08:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/02/05 13:03:16 | 000,228,480 | ---- | M] (Digital Business Processes) [Auto | Running] -- C:\Program Files\Common Files\NeatReceipts\DB Controller\NeatReceiptsDBController.exe -- (NeatReceipts Database Controller)
SRV - [2007/08/03 18:10:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007/07/05 17:05:04 | 000,065,536 | ---- | M] (Lenovo ) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2007/07/05 17:03:32 | 000,184,320 | ---- | M] (Lenovo ) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2007/06/22 13:45:54 | 000,106,496 | ---- | M] (AuthenTec,Inc) [Auto | Running] -- C:\WINDOWS\system32\FpLogonServ.exe -- (FingerprintServer)
SRV - [2007/04/08 20:24:32 | 000,054,832 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe -- (FNF5SVC)
SRV - [2007/03/07 08:51:52 | 000,049,152 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)
SRV - [2007/02/08 15:11:32 | 000,569,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2007/01/29 22:01:26 | 000,108,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\WINDOWS\system32\IPSSVC.EXE -- (IPSSVC)
SRV - [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/11/11 23:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2006/11/02 22:40:12 | 000,174,656 | ---- | M] () [Auto | Start_Pending] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/04/17 19:00:10 | 000,028,672 | ---- | M] (Wistron Corp.) [Auto | Running] -- C:\Program Files\PM Agent\WisFnCtrlSvc.exe -- (WisFnCtrlSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/10/07 05:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 05:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/13 05:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 05:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/07/11 00:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 00:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 00:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/07/11 00:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/05/23 00:03:20 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2011/05/23 00:03:20 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2010/05/07 17:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2010/05/07 13:53:30 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2010/05/07 13:53:14 | 006,842,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam C260(UVC)
DRV - [2010/05/07 13:51:32 | 000,276,448 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/05/07 13:51:20 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2009/02/24 17:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/11/18 16:47:53 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008/11/18 16:47:49 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2007/08/15 06:27:18 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\n558.sys -- (n558)
DRV - [2007/07/02 18:19:38 | 000,763,688 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BisonCam.sys -- (Cam5603D)
DRV - [2007/06/16 23:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007/05/22 02:59:34 | 000,021,376 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2007/04/30 08:37:20 | 002,206,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel®
DRV - [2007/04/09 13:03:00 | 000,012,848 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS -- (TSMAPIP)
DRV - [2007/04/02 13:24:08 | 000,004,224 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\IBMBLDID.sys -- (IBMTPCHK)
DRV - [2007/03/29 17:19:36 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/03/22 00:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/08 02:03:56 | 000,625,664 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2007/03/07 08:51:52 | 000,072,672 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LxrSII1d.sys -- (LxrSII1d)
DRV - [2007/02/24 16:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/16 17:46:00 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/01/23 18:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/12 20:41:20 | 000,862,922 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/11/08 02:00:10 | 000,989,696 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/11/08 01:59:34 | 000,209,152 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/11/08 01:59:30 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006/11/06 03:23:24 | 000,012,080 | ---- | M] (Lenovo Group Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PROCDD.SYS -- (PROCDD)
DRV - [2006/10/29 20:51:40 | 000,067,672 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2005/11/08 11:27:20 | 000,011,520 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ANC.sys -- (ANC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.co...me/3000notebook [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.co...me/3000notebook [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.co...me/3000notebook [binary data]
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.co...me/3000notebook [binary data]
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.co...me/3000notebook [binary data]
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.co...me/3000notebook [binary data]
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.co...me/3000notebook [binary data]
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...l_date=20110909
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.co...me/3000notebook [binary data]
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.co...me/3000notebook [binary data]
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Chad\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/11/16 17:34:01 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.c...pr&d=2011-10-06 20:43:38&v=8.0.0.34&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.goog...outputEncoding}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java™ Platform SE 6 U12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java™ Platform SE 6 U12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\Chad\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1857_0\

O1 HOSTS File: ([2009/03/18 12:47:23 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKU\S-1-5-21-261478415-2542434305-4085094211-1009..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcp...ols/pcmatic.cab (PCPitstop Utility)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{416E8471-F1FA-4624-94F1-351DCA42CF15}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\ACNotify: DllName - (ACNotify.dll) - C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo )
O20 - Winlogon\Notify\ATFUS: DllName - (C:\WINDOWS\system32\FpWinLogonNp.dll) - C:\WINDOWS\system32\FpWinlogonNp.dll (AuthenTec,Inc)
O20 - Winlogon\Notify\tphotkey: DllName - (C:\Program Files\Lenovo\HOTKEY\tphklock.dll) - C:\Program Files\Lenovo\HOTKEY\tphklock.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/04/30 02:13:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/11/10 19:44:37 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{a3512412-40ac-11de-a72c-001f3adcc53d}\Shell - "" = AutoRun
O33 - MountPoints2\{a3512412-40ac-11de-a72c-001f3adcc53d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a3512412-40ac-11de-a72c-001f3adcc53d}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Palo Alto Software Update Manager 9.0.lnk - - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^Chad^Start Menu^Programs^Startup^Age2 Config.lnk - C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\Data\closedpw.exe - ()
MsConfig - StartUpFolder: C:^Documents and Settings^Chad^Start Menu^Programs^Startup^Logitech . Product Registration.lnk - C:\Program Files\Logitech\Ereg\eReg.exe - (Leader Technologies/Logitech)
MsConfig - StartUpFolder: C:^Documents and Settings^Chad^Start Menu^Programs^Startup^MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe - (MagicISO, Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^Chad^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig - StartUpFolder: C:^Documents and Settings^Chad^Start Menu^Programs^Startup^Socialbox.lnk - - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^User^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig - StartUpReg: ACTray - hkey= - key= - C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo )
MsConfig - StartUpReg: ACWLIcon - hkey= - key= - C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo )
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AMSG - hkey= - key= - C:\Program Files\ThinkVantage\AMSG\Amsg.exe (LENOVO)
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: AVG8_TRAY - hkey= - key= - File not found
MsConfig - StartUpReg: AVG_TRAY - hkey= - key= - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
MsConfig - StartUpReg: AwaySch - hkey= - key= - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
MsConfig - StartUpReg: BluetoothAuthenticationAgent - hkey= - key= - File not found
MsConfig - StartUpReg: BsMnt - hkey= - key= - C:\WINDOWS\BisonCam\BsMnt.exe ()
MsConfig - StartUpReg: cctray - hkey= - key= - File not found
MsConfig - StartUpReg: Corel Photo Downloader - hkey= - key= - File not found
MsConfig - StartUpReg: cssauth - hkey= - key= - File not found
MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg: DiskeeperSystray - hkey= - key= - File not found
MsConfig - StartUpReg: Facebook Update - hkey= - key= - C:\Documents and Settings\Chad\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
MsConfig - StartUpReg: FingerPrintSoftware - hkey= - key= - C:\Program Files\Lenovo Fingerprint Software\fpapp.exe (Authentec,Inc)
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: HotKeysCmds - hkey= - key= - File not found
MsConfig - StartUpReg: IgfxTray - hkey= - key= - File not found
MsConfig - StartUpReg: ISUSPM Startup - hkey= - key= - C:\Program Files\Common Files\Installshield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
MsConfig - StartUpReg: ISUSScheduler - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: Logitech Vid - hkey= - key= - C:\Program Files\Logitech\Vid\Vid.exe (Logitech Inc.)
MsConfig - StartUpReg: Logitech Vid HD - hkey= - key= - C:\Program Files\Logitech\Vid\vid.exe (Logitech Inc.)
MsConfig - StartUpReg: LPManager - hkey= - key= - C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited)
MsConfig - StartUpReg: LWS - hkey= - key= - C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
MsConfig - StartUpReg: LxrAutorun - hkey= - key= - C:\Documents and Settings\Chad\Local Settings\Application Data\Lexar Media\LxrAutorun.exe ()
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: Persistence - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: StartNowToolbarHelper - hkey= - key= - File not found
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - StartUpReg: TPFNF7 - hkey= - key= - C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
MsConfig - StartUpReg: TPWAUDAP - hkey= - key= - C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe ()
MsConfig - StartUpReg: TVT Scheduler Proxy - hkey= - key= - C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
MsConfig - StartUpReg: vProt - hkey= - key= - C:\Program Files\AVG Secure Search\vprot.exe ()
MsConfig - StartUpReg: Wi-Fi Sync - hkey= - key= - File not found
MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 1

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/11/16 22:08:02 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Chad\Desktop\OTL (1).exe
[2011/11/16 18:50:59 | 000,000,000 | ---D | C] -- C:\Program Files\PCPitstop
[2011/11/16 17:44:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Application Data\SUPERAntiSpyware.com
[2011/11/16 17:44:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/11/16 17:24:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Desktop\Nealy
[2011/11/13 21:51:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Application Data\com.socialbox.socialbox
[2011/11/11 23:15:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Chad\Recent
[2011/11/11 01:39:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Application Data\FileZilla
[2011/11/11 01:39:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileZilla FTP Client
[2011/11/11 01:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2011/11/11 01:34:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Local Settings\Application Data\GlobalSCAPE
[2011/11/11 01:34:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Application Data\GlobalSCAPE
[2011/11/11 01:34:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GlobalSCAPE
[2011/11/09 11:51:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2011/10/27 11:40:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Start Menu\Programs\Age Of Empires 2 & The Conquerors Expansion - Full Game
[2011/10/27 11:39:35 | 000,000,000 | ---D | C] -- C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game
[2011/10/27 07:18:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Local Settings\Application Data\Identities
[2011/10/25 02:24:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/10/25 02:23:33 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/10/25 02:23:27 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/10/25 02:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/10/22 21:43:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Desktop\iPodContent
[2011/10/21 15:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011/10/20 22:51:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Local Settings\Application Data\Spotify
[2011/10/20 22:51:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Application Data\Spotify
[2008/10/27 12:38:54 | 000,095,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[2008/10/27 12:37:34 | 001,692,496 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2008/10/27 12:36:58 | 000,526,160 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe

========== Files - Modified Within 30 Days ==========

[2011/11/16 22:07:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chad\Desktop\OTL (1).exe
[2011/11/16 22:04:48 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\MBR.dat
[2011/11/16 22:03:01 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009UA.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2011/11/16 21:30:56 | 000,029,805 | ---- | M] () -- C:\WINDOWS\KernelMessage
[2011/11/16 18:24:42 | 000,530,464 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/16 18:24:42 | 000,098,828 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/16 18:20:50 | 000,025,269 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI
[2011/11/16 18:20:28 | 000,000,380 | ---- | M] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2011/11/16 18:20:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/16 18:20:24 | 3211,186,176 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/16 17:47:18 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009UA.job
[2011/11/16 17:44:15 | 000,001,685 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/11/16 17:38:27 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/16 17:25:10 | 000,000,211 | -H-- | M] () -- C:\boot.ini
[2011/11/16 16:04:20 | 109,888,454 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/11/15 23:47:00 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009Core.job
[2011/11/15 21:31:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/11/15 18:36:16 | 109,857,108 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm.old
[2011/11/14 19:01:24 | 000,062,976 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/14 18:39:28 | 000,007,221 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\Free Online MMPI-2 Test and Scoring.htm
[2011/11/14 18:35:34 | 000,133,125 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/11/14 09:03:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009Core.job
[2011/11/12 15:04:23 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Chad\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/11/12 15:04:22 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\Google Chrome.lnk
[2011/11/09 18:03:22 | 000,617,316 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2011/11/06 00:24:44 | 000,061,542 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\298880_2354542715738_1615311521_2344231_295436652_n.jpg
[2011/11/06 00:24:37 | 000,069,598 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\296092_2358188006868_1615311521_2347173_1587254469_n.jpg
[2011/11/06 00:24:30 | 000,060,224 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\305760_2358188846889_1615311521_2347174_1191725054_n.jpg
[2011/11/06 00:24:26 | 000,067,623 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\316983_2358194407028_1615311521_2347175_1049486392_n.jpg
[2011/11/06 00:13:09 | 000,068,009 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\298104_2358186166822_1615311521_2347167_414038111_n.jpg
[2011/11/06 00:12:48 | 000,074,368 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\302682_2358381331701_1615311521_2347270_1834447535_n.jpg
[2011/11/04 08:07:02 | 000,000,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/10/30 13:25:01 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Chad\Application Data\winscp.rnd
[2011/10/30 02:06:14 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\updateall.cfg
[2011/10/29 22:23:48 | 000,058,834 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\torquehp.html
[2011/10/27 11:40:47 | 000,000,877 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\AOCCONFIG.lnk
[2011/10/27 11:40:46 | 000,001,011 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\Age2.lnk
[2011/10/27 11:40:45 | 000,001,018 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\Empires2.lnk
[2011/10/27 06:15:26 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/10/25 02:24:40 | 000,001,549 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/10/23 03:50:23 | 029,203,460 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\Pimsleur - Greek I - Lesson 01.mp3
[2011/10/22 00:24:56 | 000,000,513 | ---- | M] () -- C:\Documents and Settings\Chad\Application Data\com.plutinosoft.idemo.plist
[2011/10/21 21:51:23 | 000,286,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/21 15:40:20 | 000,000,916 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/10/21 12:34:03 | 004,731,859 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\complaintforequitablerelieffiled.pdf
[2011/10/21 12:34:02 | 000,193,064 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\complainttocompelshareholdermeetingfiled.pdf
[2011/10/21 12:33:58 | 000,065,671 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\affidavitofanthonymoore.pdf
[2011/10/21 12:33:50 | 000,068,459 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\affidavitofgarypetty.pdf

========== Files Created - No Company Name ==========

[2011/11/16 22:04:48 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\MBR.dat
[2011/11/16 17:44:15 | 000,001,685 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/11/14 18:39:27 | 000,007,221 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\Free Online MMPI-2 Test and Scoring.htm
[2011/11/06 00:24:45 | 000,061,542 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\298880_2354542715738_1615311521_2344231_295436652_n.jpg
[2011/11/06 00:24:38 | 000,069,598 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\296092_2358188006868_1615311521_2347173_1587254469_n.jpg
[2011/11/06 00:24:31 | 000,060,224 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\305760_2358188846889_1615311521_2347174_1191725054_n.jpg
[2011/11/06 00:24:27 | 000,067,623 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\316983_2358194407028_1615311521_2347175_1049486392_n.jpg
[2011/11/06 00:13:10 | 000,068,009 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\298104_2358186166822_1615311521_2347167_414038111_n.jpg
[2011/11/06 00:12:51 | 000,074,368 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\302682_2358381331701_1615311521_2347270_1834447535_n.jpg
[2011/10/30 02:06:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\updateall.cfg
[2011/10/29 22:23:48 | 000,058,834 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\torquehp.html
[2011/10/27 11:40:47 | 000,000,877 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\AOCCONFIG.lnk
[2011/10/27 11:40:46 | 000,001,011 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\Age2.lnk
[2011/10/27 11:40:45 | 000,001,018 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\Empires2.lnk
[2011/10/25 02:24:40 | 000,001,549 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/10/21 12:34:02 | 000,193,064 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\complainttocompelshareholdermeetingfiled.pdf
[2011/10/21 12:33:58 | 000,065,671 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\affidavitofanthonymoore.pdf
[2011/10/21 12:33:56 | 004,731,859 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\complaintforequitablerelieffiled.pdf
[2011/10/21 12:33:53 | 000,068,459 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\affidavitofgarypetty.pdf
[2011/10/20 01:15:53 | 029,203,460 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\Pimsleur - Greek I - Lesson 01.mp3
[2011/09/17 21:37:32 | 000,514,320 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-261478415-2542434305-4085094211-1009-0.dat
[2011/09/17 21:37:31 | 000,283,230 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/09/16 02:54:48 | 000,000,513 | ---- | C] () -- C:\Documents and Settings\Chad\Application Data\com.plutinosoft.idemo.plist
[2011/09/15 23:53:13 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Chad\Application Data\winscp.rnd
[2011/08/19 15:45:47 | 000,171,896 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/07/15 01:23:37 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/03 04:24:10 | 000,062,976 | ---- | C] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2010/05/27 23:01:19 | 000,001,045 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/05/27 22:59:45 | 000,088,576 | R--- | C] () -- C:\WINDOWS\RAUNINST.EXE
[2010/05/07 17:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010/05/07 17:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2010/05/07 13:44:36 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010/05/07 13:44:16 | 005,496,152 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010/05/07 13:44:16 | 000,102,744 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2010/05/07 13:24:46 | 000,090,071 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/05/14 12:38:36 | 000,072,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrSII1d.sys
[2009/05/14 12:38:36 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\LxrSII1s.exe
[2009/03/19 08:18:15 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\GetInst32.dll
[2009/03/18 12:23:50 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/03/18 12:23:50 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/03/18 12:23:48 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/03/18 12:23:48 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/03/18 12:23:48 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/03/18 12:23:47 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/03/18 11:56:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/03/18 11:56:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/03/18 11:56:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/03/18 11:56:35 | 000,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe
[2009/01/12 10:38:26 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009/01/12 10:38:25 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2008/12/11 15:02:35 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/10/27 12:38:20 | 013,265,184 | ---- | C] () -- C:\Program Files\dxnt.cab
[2008/10/27 12:38:20 | 004,163,646 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab
[2008/10/27 12:38:20 | 001,907,944 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x64.cab
[2008/10/27 12:38:20 | 001,803,074 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x64.cab
[2008/10/27 12:38:18 | 001,801,176 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab
[2008/10/27 12:38:18 | 001,795,100 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab
[2008/10/27 12:38:18 | 001,793,624 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab
[2008/10/27 12:38:18 | 001,770,878 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab
[2008/10/27 12:38:18 | 001,710,376 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x86.cab
[2008/10/27 12:38:18 | 001,709,168 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab
[2008/10/27 12:38:18 | 001,608,374 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab
[2008/10/27 12:38:16 | 001,608,790 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab
[2008/10/27 12:38:16 | 001,608,302 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab
[2008/10/27 12:38:16 | 001,607,055 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab
[2008/10/27 12:38:16 | 001,575,392 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab
[2008/10/27 12:38:16 | 001,572,170 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab
[2008/10/27 12:38:14 | 001,551,228 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x86.cab
[2008/10/27 12:38:14 | 001,465,688 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab
[2008/10/27 12:38:14 | 001,464,894 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab
[2008/10/27 12:38:14 | 001,413,918 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab
[2008/10/27 12:38:14 | 001,363,812 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab
[2008/10/27 12:38:14 | 001,358,992 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab
[2008/10/27 12:38:12 | 001,444,298 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab
[2008/10/27 12:38:12 | 001,398,846 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab
[2008/10/27 12:38:12 | 001,351,558 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab
[2008/10/27 12:38:10 | 001,348,370 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab
[2008/10/27 12:38:10 | 001,337,018 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab
[2008/10/27 12:38:10 | 001,248,515 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab
[2008/10/27 12:38:10 | 001,156,507 | ---- | C] () -- C:\Program Files\BDANT.cab
[2008/10/27 12:38:10 | 001,128,233 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab
[2008/10/27 12:38:10 | 001,116,237 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab
[2008/10/27 12:38:10 | 001,080,472 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab
[2008/10/27 12:38:08 | 001,085,736 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab
[2008/10/27 12:38:08 | 001,079,978 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab
[2008/10/27 12:38:08 | 001,078,660 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab
[2008/10/27 12:38:08 | 001,065,941 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab
[2008/10/27 12:38:08 | 001,014,241 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab
[2008/10/27 12:38:08 | 000,995,154 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x64.cab
[2008/10/27 12:38:08 | 000,122,810 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x64.cab
[2008/10/27 12:38:08 | 000,097,833 | ---- | C] () -- C:\Program Files\APR2007_xinput_x64.cab
[2008/10/27 12:38:08 | 000,094,750 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab
[2008/10/27 12:38:04 | 000,976,164 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2008/10/27 12:38:04 | 000,966,445 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x86.cab
[2008/10/27 12:38:04 | 000,917,446 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab
[2008/10/27 12:38:04 | 000,868,844 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab
[2008/10/27 12:38:04 | 000,868,628 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab
[2008/10/27 12:38:04 | 000,865,616 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x64.cab
[2008/10/27 12:38:04 | 000,853,302 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab
[2008/10/27 12:38:04 | 000,850,935 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab
[2008/10/27 12:38:04 | 000,096,053 | ---- | C] () -- C:\Program Files\dxupdate.cab
[2008/10/27 12:38:04 | 000,094,144 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x86.cab
[2008/10/27 12:38:04 | 000,055,538 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x64.cab
[2008/10/27 12:38:04 | 000,045,464 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab
[2008/10/27 12:38:02 | 000,850,183 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab
[2008/10/27 12:38:02 | 000,845,900 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab
[2008/10/27 12:38:02 | 000,819,276 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab
[2008/10/27 12:38:02 | 000,094,028 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x86.cab
[2008/10/27 12:38:02 | 000,093,700 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x86.cab
[2008/10/27 12:38:02 | 000,088,158 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x64.cab
[2008/10/27 12:38:02 | 000,088,117 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab
[2008/10/27 12:38:02 | 000,087,053 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab
[2008/10/27 12:38:02 | 000,056,170 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab
[2008/10/27 12:38:02 | 000,056,074 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab
[2008/10/27 12:38:02 | 000,054,318 | ---- | C] () -- C:\Program Files\APR2007_xinput_x86.cab
[2008/10/27 12:38:02 | 000,047,160 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab
[2008/10/27 12:38:02 | 000,047,074 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x86.cab
[2008/10/27 12:38:02 | 000,046,375 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab
[2008/10/27 12:38:02 | 000,022,921 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab
[2008/10/27 12:38:02 | 000,022,867 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x86.cab
[2008/10/27 12:38:02 | 000,019,512 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab
[2008/10/27 12:38:00 | 000,804,900 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x86.cab
[2008/10/27 12:38:00 | 000,797,883 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab
[2008/10/27 12:38:00 | 000,700,060 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab
[2008/10/27 12:38:00 | 000,699,628 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab
[2008/10/27 12:38:00 | 000,047,026 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab
[2008/10/27 12:38:00 | 000,022,883 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab
[2008/10/27 12:37:58 | 000,699,488 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab
[2008/10/27 12:37:58 | 000,696,881 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab
[2008/10/27 12:37:58 | 000,272,384 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x64.cab
[2008/10/27 12:37:58 | 000,270,858 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x86.cab
[2008/10/27 12:37:58 | 000,270,644 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x64.cab
[2008/10/27 12:37:54 | 000,274,976 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x64.cab
[2008/10/27 12:37:54 | 000,273,627 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x86.cab
[2008/10/27 12:37:52 | 000,270,040 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x86.cab
[2008/10/27 12:37:52 | 000,252,210 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab
[2008/10/27 12:37:52 | 000,227,266 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab
[2008/10/27 12:37:52 | 000,199,112 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x64.cab
[2008/10/27 12:37:50 | 000,213,823 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab
[2008/10/27 12:37:50 | 000,198,138 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x64.cab
[2008/10/27 12:37:50 | 000,193,491 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x64.cab
[2008/10/27 12:37:48 | 000,197,778 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab
[2008/10/27 12:37:48 | 000,196,782 | ---- | C] () -- C:\Program Files\APR2007_XACT_x64.cab
[2008/10/27 12:37:48 | 000,195,691 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x64.cab
[2008/10/27 12:37:48 | 000,192,736 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab
[2008/10/27 12:37:48 | 000,183,919 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x64.cab
[2008/10/27 12:37:48 | 000,183,377 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab
[2008/10/27 12:37:46 | 000,181,801 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x64.cab
[2008/10/27 12:37:46 | 000,180,149 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab
[2008/10/27 12:37:46 | 000,179,375 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x64.cab
[2008/10/27 12:37:46 | 000,154,028 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x86.cab
[2008/10/27 12:37:44 | 000,153,925 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x86.cab
[2008/10/27 12:37:44 | 000,152,241 | ---- | C] () -- C:\Program Files\APR2007_XACT_x86.cab
[2008/10/27 12:37:42 | 000,149,280 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x86.cab
[2008/10/27 12:37:42 | 000,148,999 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x86.cab
[2008/10/27 12:37:42 | 000,146,615 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x86.cab
[2008/10/27 12:37:42 | 000,139,033 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x86.cab
[2008/10/27 12:37:42 | 000,138,251 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x86.cab
[2008/10/27 12:37:40 | 000,134,687 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x86.cab
[2008/10/27 12:37:40 | 000,133,425 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x86.cab
[2008/10/27 12:37:40 | 000,123,352 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x64.cab
[2008/10/27 12:37:40 | 000,122,840 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x64.cab
[2008/10/27 12:37:40 | 000,122,070 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x64.cab
[2008/10/27 12:37:38 | 000,134,119 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab
[2008/10/21 06:51:19 | 000,000,036 | ---- | C] () -- C:\WINDOWS\Tiny_Run.ini
[2008/10/19 12:07:35 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\17C3E4AEA3.sys
[2008/10/19 04:45:04 | 000,006,110 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/10/19 04:45:04 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\BFB29CAF48.sys
[2008/08/17 08:39:45 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/08/17 08:22:18 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys
[2008/08/17 08:21:13 | 000,114,688 | ---- | C] () -- C:\WINDOWS\desktopset.exe
[2008/08/17 08:18:13 | 001,398,352 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\pswi_preloaded.exe
[2008/08/17 08:13:41 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/08/17 08:13:41 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/08/17 08:13:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/08/17 08:13:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/08/17 08:13:41 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/08/17 08:13:41 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/08/17 08:08:57 | 000,701,840 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2008/08/17 08:08:57 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4785.dll
[2008/08/17 08:08:49 | 000,356,352 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2008/08/17 08:06:53 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2008/08/17 08:06:33 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M2000Twn.ini
[2008/08/17 08:01:00 | 000,000,138 | ---- | C] () -- C:\WINDOWS\System32\Softkbd.exe.config
[2007/08/16 05:28:38 | 000,025,269 | ---- | C] () -- C:\WINDOWS\System32\PROCDB.INI
[2007/08/16 05:28:27 | 000,000,380 | ---- | C] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2007/08/15 06:27:18 | 000,009,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\n558.sys
[2007/02/09 14:54:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/11/11 23:50:38 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2006/11/02 22:40:12 | 000,174,656 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2006/04/30 02:31:51 | 000,004,670 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/04/30 02:22:10 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/04/30 02:19:56 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/04/30 02:10:07 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/04/30 01:55:59 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/04/30 01:55:55 | 000,530,464 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/04/30 01:55:55 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/04/30 01:55:55 | 000,098,828 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/04/30 01:55:55 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/04/30 01:55:54 | 000,004,547 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/04/30 01:55:52 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/04/30 01:55:50 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/04/30 01:55:44 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/04/30 01:55:44 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/04/30 01:55:37 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/04/30 01:55:28 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/04/29 19:04:28 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/04/29 19:03:29 | 000,286,112 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2001/11/14 14:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2008/10/08 10:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Lenovo
[2011/11/16 17:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2008/08/17 08:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Borland
[2011/10/06 19:25:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2008/10/21 06:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Global Software Publishing
[2011/11/11 01:34:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GlobalSCAPE
[2008/10/08 10:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lenovo
[2011/10/06 17:27:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MetaQuotes
[2011/11/16 16:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/12/25 11:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeatReceipts Professional
[2009/12/25 15:57:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PAS
[2011/11/16 18:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2008/10/19 12:07:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaskMgr
[2011/07/15 02:48:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/10/06 19:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\AVG Secure Search
[2011/10/06 19:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\AVG2012
[2011/11/16 22:03:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\BitTorrent
[2011/11/13 21:51:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\com.socialbox.socialbox
[2011/11/11 00:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\DiskAid
[2011/09/03 00:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Elluminate
[2011/11/11 02:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\FileZilla
[2011/11/11 01:34:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\GlobalSCAPE
[2011/06/08 19:27:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Leadertech
[2009/05/13 20:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Lenovo
[2009/12/25 16:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Palo Alto Software
[2011/09/30 01:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\PriceGong
[2011/09/02 21:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Quest3D
[2011/09/02 21:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Roaming
[2011/10/20 23:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Spotify
[2011/10/22 00:32:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\TuneAid
[2008/10/08 10:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Lenovo
[2008/10/08 10:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joyce\Application Data\Lenovo
[2009/03/18 11:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\aAvgApi
[2011/10/12 14:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\AVG2012
[2008/10/19 12:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Hoyle FaceCreator
[2010/10/27 12:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Hoyle Puzzle and Board Games
[2008/12/10 09:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\InterVideo
[2008/10/15 01:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Leadertech
[2008/10/08 10:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Lenovo
[2009/12/25 15:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Palo Alto Software
[2011/06/03 08:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\PriceGong
[2009/06/02 18:01:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Runes of Avalon
[2011/11/16 17:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User.LENOVO-7BC18E34\Application Data\AVG2012
[2008/10/08 10:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User.LENOVO-7BC18E34\Application Data\Lenovo
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job
[2011/11/15 23:47:00 | 000,000,972 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009Core.job
[2011/11/16 17:47:18 | 000,000,994 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009UA.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004/08/04 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 07:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2005/04/01 13:19:51 | 000,502,784 | ---- | M] (Microsoft Corporation) MD5=986EC72D788E00E8E397B7BB7F5A9E45 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/08/17 07:21:24 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/08/17 07:21:24 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/08/17 07:21:24 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\IEXPLORE.EXE" [2011/08/17 06:01:37 | 000,634,632 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/08/17 07:21:24 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/08/17 07:21:24 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/08/17 07:21:24 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\IEXPLORE.EXE" [2011/08/17 06:01:37 | 000,634,632 | ---- | M] (Microsoft Corporation)

< C:\Windows\assembly\tmp\U\*.* /s >

< End of report >

Extras.txt


OTL Extras logfile created on: 11/16/2011 10:09:22 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Chad\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 2.16 Gb Available Physical Memory | 72.34% Memory free
4.83 Gb Paging File | 4.00 Gb Available in Paging File | 82.84% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.12 Gb Total Space | 6.50 Gb Free Space | 4.54% Space Free | Partition Type: NTFS
Drive E: | 572.55 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LENOVO-7BC18E34 | User Name: Chad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Vid\Vid.exe" = C:\Program Files\Logitech\Vid\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Documents and Settings\Chad\My Documents\Downloads\Spotify Installer.exe" = C:\Documents and Settings\Chad\My Documents\Downloads\Spotify Installer.exe:*:Enabled:Spotify
"C:\Documents and Settings\Chad\My Documents\Downloads\Spotify Installer (1).exe" = C:\Documents and Settings\Chad\My Documents\Downloads\Spotify Installer (1).exe:*:Enabled:Spotify
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Documents and Settings\Chad\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Chad\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{16D0F2D2-242C-4885-BEF1-4B1655C141AE}" = Bing Bar
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 12
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4447D5B5-95ED-4C4D-A9C3-1D8E892D5377}" = AVG 2012
"{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = Integrated Camera
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5CA3501B-7297-48C1-B192-08A2275D327A}" = Global Trading System Pro
"{6280149E-EFF3-4F1B-BD43-5B7EDD6F620A}" = Lenovo Care Supplement
"{65706020-7B6F-41F2-8047-FC69579E386A}" = Presentation Director
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71D74FCD-8DB9-4BEB-9C9D-1D19F2E02AE3}" = Microsoft Report Viewer Redistributable 2005
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79D56DFD-D28E-4289-BED2-32A6342A305B}" = Corel Business Center
"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections
"{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}" = InterVideo WinDVD Creator 3
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91789CDD-E83A-4186-B436-AA7A588679FD}" = NeatReceipts Database Controller
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{98BD9EA5-2DF2-445C-8C8D-057F55B3C633}" = AVG 2012
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CF7DEC7-D521-46FB-A0BA-032A13FD81AF}" = SmartAudio
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92B6797-9C07-4E25-AD96-29087D3A2AC2}" = TouchCopy 09
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B334D9AE-1393-423E-97C0-3BDC3360E692}" = Sonic Icons for Lenovo
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}" = XP Themes
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF52099A-3BEA-4C41-AEA8-1E190F04D737}" = Lenovo Care
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}" = Wallpapers
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E6707034-D7A4-49B1-94D0-F5AACE46F06C}" = InterVideo InstantON (remove only)
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EA5911C2-1FE1-4F3E-805C-AA432A19C6EA}" = PM Agent V1.0.0.8
"{EC422FB2-9F4D-4FB1-A5CE-5F741132EBC5}" = Lenovo Fingerprint Software
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F151F2B3-0C32-44D3-90E2-E639B8024622}" = Rescue and Recovery
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Age Of Empires 2 & The Conquerors Expansion - Full Game" = Age Of Empires 2 & The Conquerors Expansion - Full Game
"ATT-PRT22" = ATT-PRT22
"AVG" = AVG 2012
"AVG Secure Search" = AVG Security Toolbar
"AwayTask" = Maintenance Manager
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CCleaner" = CCleaner (remove only)
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_PCI_VEN_14F1&DEV_5045&SUBSYS_17AA3C19" = Soft Data Fax Modem with SmartCP
"Digital Media LE" = Roxio Digital Media LE
"FileZilla Client" = FileZilla Client 3.5.2
"HDMI" = Intel® Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"Kali II" = Kali II
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.4.2 (Full)
"Lenovo Registration" = Lenovo Registration
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Report Viewer Redistributable 2005" = Microsoft Report Viewer Redistributable 2005
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OnScreenDisplay" = On Screen Display
"PCMCIAPW" = ThinkPad PC Card Power Policy
"Picasa2" = Picasa 2
"ProInst" = Intel® PROSet/Wireless Software
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The Adventures of Zak McKracken" = The Adventures of Zak McKracken
"vGrabber" = vGrabber
"VLC media player" = VLC media player 1.1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"winscp3_is1" = WinSCP 4.3.4
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WOLAPI" = Westwood Shared Internet Components
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZC2.10w" = Zelda Classic 2.10w

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/7/2011 12:58:41 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5193125

Error - 11/7/2011 12:58:43 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/7/2011 12:58:43 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5195297

Error - 11/7/2011 12:58:43 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5195297

Error - 11/7/2011 12:58:45 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/7/2011 12:58:45 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5197453

Error - 11/7/2011 12:58:45 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5197453

Error - 11/7/2011 12:58:47 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/7/2011 12:58:47 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5199562

Error - 11/7/2011 12:58:47 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5199562

[ System Events ]
Error - 11/16/2011 11:00:00 PM | Computer Name = LENOVO-7BC18E34 | Source = Schedule | ID = 7901
Description = The At10.job command failed to start due to the following error: %%2147942402

Error - 11/16/2011 11:00:00 PM | Computer Name = LENOVO-7BC18E34 | Source = Schedule | ID = 7901
Description = The At11.job command failed to start due to the following error: %%2147942402

Error - 11/16/2011 11:00:00 PM | Computer Name = LENOVO-7BC18E34 | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error: %%2147942402

Error - 11/16/2011 11:00:00 PM | Computer Name = LENOVO-7BC18E34 | Source = Schedule | ID = 7901
Description = The At3.job command failed to start due to the following error: %%2147942402

Error - 11/16/2011 11:00:00 PM | Computer Name = LENOVO-7BC18E34 | Source = Schedule | ID = 7901
Description = The At4.job command failed to start due to the following error: %%2147942402

Error - 11/16/2011 11:00:00 PM | Computer Name = LENOVO-7BC18E34 | Source = Schedule | ID = 7901
Description = The At5.job command failed to start due to the following error: %%2147942402

Error - 11/16/2011 11:00:00 PM | Computer Name = LENOVO-7BC18E34 | Source = Schedule | ID = 7901
Description = The At6.job command failed to start due to the following error: %%2147942402

Error - 11/16/2011 11:00:00 PM | Computer Name = LENOVO-7BC18E34 | Source = Schedule | ID = 7901
Description = The At7.job command failed to start due to the following error: %%2147942402

Error - 11/16/2011 11:00:00 PM | Computer Name = LENOVO-7BC18E34 | Source = Schedule | ID = 7901
Description = The At8.job command failed to start due to the following error: %%2147942402

Error - 11/16/2011 11:00:00 PM | Computer Name = LENOVO-7BC18E34 | Source = Schedule | ID = 7901
Description = The At9.job command failed to start due to the following error: %%2147942402


< End of report >



Thank you!!
  • 0

#4
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Step 1.

OTL Fix


We need to run an OTL Fix

  • Please reopen OTL on your desktop.
  • Copy and Paste the following code into the Custom Scans/Fixes textbox.

    :OTL
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.co...me/3000notebook [binary data]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.co...me/3000notebook [binary data]
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.co...me/3000notebook [binary data]
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.co...me/3000notebook [binary data]
    IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.co...me/3000notebook [binary data]
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.co...me/3000notebook [binary data]
    IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
    IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.co...me/3000notebook [binary data]
    IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
    IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.co...me/3000notebook [binary data]
    IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.co...me/3000notebook [binary data]
    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
    MsConfig - StartUpReg: AVG8_TRAY - hkey= - key= - File not found
    MsConfig - StartUpReg: cctray - hkey= - key= - File not found
    MsConfig - StartUpReg: Corel Photo Downloader - hkey= - key= - File not found
    MsConfig - StartUpReg: cssauth - hkey= - key= - File not found
    MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found
    MsConfig - StartUpReg: DiskeeperSystray - hkey= - key= - File not found
    [2011/11/16 22:03:01 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009UA.job
    [2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
    [2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
    [2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
    [2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
    [2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
    [2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
    [2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
    [2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
    [2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
    [2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
    [2011/11/16 22:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
    [2008/10/27 12:38:20 | 004,163,646 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab
    [2008/10/27 12:38:20 | 001,907,944 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x64.cab
    [2008/10/27 12:38:20 | 001,803,074 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x64.cab
    [2008/10/27 12:38:18 | 001,801,176 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab
    [2008/10/27 12:38:18 | 001,795,100 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab
    [2008/10/27 12:38:18 | 001,793,624 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab
    [2008/10/27 12:38:18 | 001,770,878 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab
    [2008/10/27 12:38:18 | 001,710,376 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x86.cab
    [2008/10/27 12:38:18 | 001,709,168 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab
    [2008/10/27 12:38:18 | 001,608,374 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab
    [2008/10/27 12:38:16 | 001,608,790 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab
    [2008/10/27 12:38:16 | 001,608,302 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab
    [2008/10/27 12:38:16 | 001,607,055 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab
    [2008/10/27 12:38:16 | 001,575,392 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab
    [2008/10/27 12:38:16 | 001,572,170 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab
    [2008/10/27 12:38:14 | 001,551,228 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x86.cab
    [2008/10/27 12:38:14 | 001,465,688 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab
    [2008/10/27 12:38:14 | 001,464,894 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab
    [2008/10/27 12:38:14 | 001,413,918 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab
    [2008/10/27 12:38:14 | 001,363,812 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab
    [2008/10/27 12:38:14 | 001,358,992 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab
    [2008/10/27 12:38:12 | 001,444,298 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab
    [2008/10/27 12:38:12 | 001,398,846 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab
    [2008/10/27 12:38:12 | 001,351,558 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab
    [2008/10/27 12:38:10 | 001,348,370 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab
    [2008/10/27 12:38:10 | 001,337,018 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab
    [2008/10/27 12:38:10 | 001,248,515 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab
    [2008/10/27 12:38:10 | 001,156,507 | ---- | C] () -- C:\Program Files\BDANT.cab
    [2008/10/27 12:38:10 | 001,128,233 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab
    [2008/10/27 12:38:10 | 001,116,237 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab
    [2008/10/27 12:38:10 | 001,080,472 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab
    [2008/10/27 12:38:08 | 001,085,736 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab
    [2008/10/27 12:38:08 | 001,079,978 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab
    [2008/10/27 12:38:08 | 001,078,660 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab
    [2008/10/27 12:38:08 | 001,065,941 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab
    [2008/10/27 12:38:08 | 001,014,241 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab
    [2008/10/27 12:38:08 | 000,995,154 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x64.cab
    [2008/10/27 12:38:08 | 000,122,810 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x64.cab
    [2008/10/27 12:38:08 | 000,097,833 | ---- | C] () -- C:\Program Files\APR2007_xinput_x64.cab
    [2008/10/27 12:38:08 | 000,094,750 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab
    [2008/10/27 12:38:04 | 000,976,164 | ---- | C] () -- C:\Program Files\BDAXP.cab
    [2008/10/27 12:38:04 | 000,966,445 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x86.cab
    [2008/10/27 12:38:04 | 000,917,446 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab
    [2008/10/27 12:38:04 | 000,868,844 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab
    [2008/10/27 12:38:04 | 000,868,628 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab
    [2008/10/27 12:38:04 | 000,865,616 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x64.cab
    [2008/10/27 12:38:04 | 000,853,302 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab
    [2008/10/27 12:38:04 | 000,850,935 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab
    [2008/10/27 12:38:04 | 000,096,053 | ---- | C] () -- C:\Program Files\dxupdate.cab
    [2008/10/27 12:38:04 | 000,094,144 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x86.cab
    [2008/10/27 12:38:04 | 000,055,538 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x64.cab
    [2008/10/27 12:38:04 | 000,045,464 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab
    [2008/10/27 12:38:02 | 000,850,183 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab
    [2008/10/27 12:38:02 | 000,845,900 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab
    [2008/10/27 12:38:02 | 000,819,276 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab
    [2008/10/27 12:38:02 | 000,094,028 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x86.cab
    [2008/10/27 12:38:02 | 000,093,700 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x86.cab
    [2008/10/27 12:38:02 | 000,088,158 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x64.cab
    [2008/10/27 12:38:02 | 000,088,117 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab
    [2008/10/27 12:38:02 | 000,087,053 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab
    [2008/10/27 12:38:02 | 000,056,170 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab
    [2008/10/27 12:38:02 | 000,056,074 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab
    [2008/10/27 12:38:02 | 000,054,318 | ---- | C] () -- C:\Program Files\APR2007_xinput_x86.cab
    [2008/10/27 12:38:02 | 000,047,160 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab
    [2008/10/27 12:38:02 | 000,047,074 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x86.cab
    [2008/10/27 12:38:02 | 000,046,375 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab
    [2008/10/27 12:38:02 | 000,022,921 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab
    [2008/10/27 12:38:02 | 000,022,867 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x86.cab
    [2008/10/27 12:38:02 | 000,019,512 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab
    [2008/10/27 12:38:00 | 000,804,900 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x86.cab
    [2008/10/27 12:38:00 | 000,797,883 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab
    [2008/10/27 12:38:00 | 000,700,060 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab
    [2008/10/27 12:38:00 | 000,699,628 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab
    [2008/10/27 12:38:00 | 000,047,026 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab
    [2008/10/27 12:38:00 | 000,022,883 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab
    [2008/10/27 12:37:58 | 000,699,488 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab
    [2008/10/27 12:37:58 | 000,696,881 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab
    [2008/10/27 12:37:58 | 000,272,384 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x64.cab
    [2008/10/27 12:37:58 | 000,270,858 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x86.cab
    [2008/10/27 12:37:58 | 000,270,644 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x64.cab
    [2008/10/27 12:37:54 | 000,274,976 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x64.cab
    [2008/10/27 12:37:54 | 000,273,627 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x86.cab
    [2008/10/27 12:37:52 | 000,270,040 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x86.cab
    [2008/10/27 12:37:52 | 000,252,210 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab
    [2008/10/27 12:37:52 | 000,227,266 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab
    [2008/10/27 12:37:52 | 000,199,112 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x64.cab
    [2008/10/27 12:37:50 | 000,213,823 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab
    [2008/10/27 12:37:50 | 000,198,138 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x64.cab
    [2008/10/27 12:37:50 | 000,193,491 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x64.cab
    [2008/10/27 12:37:48 | 000,197,778 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab
    [2008/10/27 12:37:48 | 000,196,782 | ---- | C] () -- C:\Program Files\APR2007_XACT_x64.cab
    [2008/10/27 12:37:48 | 000,195,691 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x64.cab
    [2008/10/27 12:37:48 | 000,192,736 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab
    [2008/10/27 12:37:48 | 000,183,919 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x64.cab
    [2008/10/27 12:37:48 | 000,183,377 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab
    [2008/10/27 12:37:46 | 000,181,801 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x64.cab
    [2008/10/27 12:37:46 | 000,180,149 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab
    [2008/10/27 12:37:46 | 000,179,375 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x64.cab
    [2008/10/27 12:37:46 | 000,154,028 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x86.cab
    [2008/10/27 12:37:44 | 000,153,925 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x86.cab
    [2008/10/27 12:37:44 | 000,152,241 | ---- | C] () -- C:\Program Files\APR2007_XACT_x86.cab
    [2008/10/27 12:37:42 | 000,149,280 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x86.cab
    [2008/10/27 12:37:42 | 000,148,999 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x86.cab
    [2008/10/27 12:37:42 | 000,146,615 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x86.cab
    [2008/10/27 12:37:42 | 000,139,033 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x86.cab
    [2008/10/27 12:37:42 | 000,138,251 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x86.cab
    [2008/10/27 12:37:40 | 000,134,687 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x86.cab
    [2008/10/27 12:37:40 | 000,133,425 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x86.cab
    [2008/10/27 12:37:40 | 000,123,352 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x64.cab
    [2008/10/27 12:37:40 | 000,122,840 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x64.cab
    [2008/10/27 12:37:40 | 000,122,070 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x64.cab
    [2008/10/27 12:37:38 | 000,134,119 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab
    [2011/09/30 01:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\PriceGong
    
    
    :files
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [Reboot]
  • Push the Run Fix button.
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.


Step 2.

TDSSKiller
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip; click on Continue.

  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.


Step 3.



  • Download OTL to your Desktop
  • Double click on the Posted Image icon to run it.
  • Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top, make sure Standard output is selected.
  • Select Scan all users
  • Under Extra Registry select Use SafeList
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scans/Fixes box copy and paste this in:

    netsvcs
    msconfig
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    iexplorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    C:\Windows\assembly\tmp\U\*.* /s
    CREATERESTOREPOINT

  • Click the Posted Image button. Do not change any settings unless otherwise told to do so. The scan won't take long.

  • When the scan completes, it will open OTL.Txt in a Notepad window and the Extras.txt file on the task bar.
  • Please copy (Edit->Select All, Edit->Copy) the content of this file and the Extras.txt file, and post them with your next reply.


Step 5.

Please post:

OTL fix log
TDSSKiller log
OTL.txt
Extras.txt


What problems do you now have?

#5
Chad Oneal

  • Topic Starter
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E : value set successfully!
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E : value set successfully!
HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
HKU\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKU\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E : value set successfully!
HKU\S-1-5-21-261478415-2542434305-4085094211-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Unable to set value : HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E!
Unable to set value : HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E!
Unable to set value : HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_USERS\S-1-5-21-261478415-2542434305-4085094211-1009\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\AVG8_TRAY\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\cctray\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Corel Photo Downloader\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\cssauth\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\ctfmon.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\DiskeeperSystray\ deleted successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009UA.job moved successfully.
C:\WINDOWS\tasks\At9.job moved successfully.
C:\WINDOWS\tasks\At8.job moved successfully.
C:\WINDOWS\tasks\At7.job moved successfully.
C:\WINDOWS\tasks\At6.job moved successfully.
C:\WINDOWS\tasks\At5.job moved successfully.
C:\WINDOWS\tasks\At4.job moved successfully.
C:\WINDOWS\tasks\At3.job moved successfully.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\At11.job moved successfully.
C:\WINDOWS\tasks\At10.job moved successfully.
C:\WINDOWS\tasks\At1.job moved successfully.
C:\Program Files\Apr2006_MDX1_x86_Archive.cab moved successfully.
C:\Program Files\Nov2008_d3dx9_40_x64.cab moved successfully.
C:\Program Files\Nov2007_d3dx9_36_x64.cab moved successfully.
C:\Program Files\AUG2007_d3dx9_35_x64.cab moved successfully.
C:\Program Files\Aug2008_d3dx9_39_x64.cab moved successfully.
C:\Program Files\JUN2008_d3dx9_38_x64.cab moved successfully.
C:\Program Files\Mar2008_d3dx9_37_x64.cab moved successfully.
C:\Program Files\Nov2007_d3dx9_36_x86.cab moved successfully.
C:\Program Files\AUG2007_d3dx9_35_x86.cab moved successfully.
C:\Program Files\APR2007_d3dx9_33_x64.cab moved successfully.
C:\Program Files\JUN2007_d3dx9_34_x64.cab moved successfully.
C:\Program Files\JUN2007_d3dx9_34_x86.cab moved successfully.
C:\Program Files\APR2007_d3dx9_33_x86.cab moved successfully.
C:\Program Files\DEC2006_d3dx9_32_x86.cab moved successfully.
C:\Program Files\DEC2006_d3dx9_32_x64.cab moved successfully.
C:\Program Files\Nov2008_d3dx9_40_x86.cab moved successfully.
C:\Program Files\Aug2008_d3dx9_39_x86.cab moved successfully.
C:\Program Files\JUN2008_d3dx9_38_x86.cab moved successfully.
C:\Program Files\OCT2006_d3dx9_31_x64.cab moved successfully.
C:\Program Files\Feb2006_d3dx9_29_x64.cab moved successfully.
C:\Program Files\Dec2005_d3dx9_28_x64.cab moved successfully.
C:\Program Files\Mar2008_d3dx9_37_x86.cab moved successfully.
C:\Program Files\Apr2006_d3dx9_30_x64.cab moved successfully.
C:\Program Files\Aug2005_d3dx9_27_x64.cab moved successfully.
C:\Program Files\Apr2005_d3dx9_25_x64.cab moved successfully.
C:\Program Files\Jun2005_d3dx9_26_x64.cab moved successfully.
C:\Program Files\Feb2005_d3dx9_24_x64.cab moved successfully.
C:\Program Files\BDANT.cab moved successfully.
C:\Program Files\OCT2006_d3dx9_31_x86.cab moved successfully.
C:\Program Files\Apr2006_d3dx9_30_x86.cab moved successfully.
C:\Program Files\Dec2005_d3dx9_28_x86.cab moved successfully.
C:\Program Files\Feb2006_d3dx9_29_x86.cab moved successfully.
C:\Program Files\Apr2005_d3dx9_25_x86.cab moved successfully.
C:\Program Files\Aug2005_d3dx9_27_x86.cab moved successfully.
C:\Program Files\Jun2005_d3dx9_26_x86.cab moved successfully.
C:\Program Files\Feb2005_d3dx9_24_x86.cab moved successfully.
C:\Program Files\Nov2008_d3dx10_40_x64.cab moved successfully.
C:\Program Files\Nov2008_XACT_x64.cab moved successfully.
C:\Program Files\APR2007_xinput_x64.cab moved successfully.
C:\Program Files\Mar2008_XACT_x86.cab moved successfully.
C:\Program Files\BDAXP.cab moved successfully.
C:\Program Files\Nov2008_d3dx10_40_x86.cab moved successfully.
C:\Program Files\Apr2006_MDX1_x86.cab moved successfully.
C:\Program Files\JUN2008_d3dx10_38_x64.cab moved successfully.
C:\Program Files\Aug2008_d3dx10_39_x64.cab moved successfully.
C:\Program Files\Nov2007_d3dx10_36_x64.cab moved successfully.
C:\Program Files\AUG2007_d3dx10_35_x64.cab moved successfully.
C:\Program Files\JUN2008_d3dx10_38_x86.cab moved successfully.
C:\Program Files\dxupdate.cab moved successfully.
C:\Program Files\JUN2008_XACT_x86.cab moved successfully.
C:\Program Files\Nov2008_X3DAudio_x64.cab moved successfully.
C:\Program Files\dxdllreg_x86.cab moved successfully.
C:\Program Files\Aug2008_d3dx10_39_x86.cab moved successfully.
C:\Program Files\Mar2008_d3dx10_37_x64.cab moved successfully.
C:\Program Files\Mar2008_d3dx10_37_x86.cab moved successfully.
C:\Program Files\Aug2008_XACT_x86.cab moved successfully.
C:\Program Files\Nov2008_XACT_x86.cab moved successfully.
C:\Program Files\AUG2006_xinput_x64.cab moved successfully.
C:\Program Files\Apr2006_xinput_x64.cab moved successfully.
C:\Program Files\Oct2005_xinput_x64.cab moved successfully.
C:\Program Files\JUN2008_X3DAudio_x64.cab moved successfully.
C:\Program Files\Mar2008_X3DAudio_x64.cab moved successfully.
C:\Program Files\APR2007_xinput_x86.cab moved successfully.
C:\Program Files\NOV2007_X3DAudio_x64.cab moved successfully.
C:\Program Files\AUG2006_xinput_x86.cab moved successfully.
C:\Program Files\Oct2005_xinput_x86.cab moved successfully.
C:\Program Files\JUN2008_X3DAudio_x86.cab moved successfully.
C:\Program Files\Nov2008_X3DAudio_x86.cab moved successfully.
C:\Program Files\NOV2007_X3DAudio_x86.cab moved successfully.
C:\Program Files\Nov2007_d3dx10_36_x86.cab moved successfully.
C:\Program Files\AUG2007_d3dx10_35_x86.cab moved successfully.
C:\Program Files\JUN2007_d3dx10_34_x64.cab moved successfully.
C:\Program Files\APR2007_d3dx10_33_x64.cab moved successfully.
C:\Program Files\Apr2006_xinput_x86.cab moved successfully.
C:\Program Files\Mar2008_X3DAudio_x86.cab moved successfully.
C:\Program Files\JUN2007_d3dx10_34_x86.cab moved successfully.
C:\Program Files\APR2007_d3dx10_33_x86.cab moved successfully.
C:\Program Files\Aug2008_XAudio_x64.cab moved successfully.
C:\Program Files\Aug2008_XAudio_x86.cab moved successfully.
C:\Program Files\JUN2008_XAudio_x64.cab moved successfully.
C:\Program Files\Nov2008_XAudio_x64.cab moved successfully.
C:\Program Files\Nov2008_XAudio_x86.cab moved successfully.
C:\Program Files\JUN2008_XAudio_x86.cab moved successfully.
C:\Program Files\Mar2008_XAudio_x64.cab moved successfully.
C:\Program Files\Mar2008_XAudio_x86.cab moved successfully.
C:\Program Files\AUG2007_XACT_x64.cab moved successfully.
C:\Program Files\DEC2006_d3dx10_00_x64.cab moved successfully.
C:\Program Files\JUN2007_XACT_x64.cab moved successfully.
C:\Program Files\DEC2006_XACT_x64.cab moved successfully.
C:\Program Files\NOV2007_XACT_x64.cab moved successfully.
C:\Program Files\APR2007_XACT_x64.cab moved successfully.
C:\Program Files\FEB2007_XACT_x64.cab moved successfully.
C:\Program Files\DEC2006_d3dx10_00_x86.cab moved successfully.
C:\Program Files\AUG2006_XACT_x64.cab moved successfully.
C:\Program Files\OCT2006_XACT_x64.cab moved successfully.
C:\Program Files\JUN2006_XACT_x64.cab moved successfully.
C:\Program Files\Apr2006_XACT_x64.cab moved successfully.
C:\Program Files\Feb2006_XACT_x64.cab moved successfully.
C:\Program Files\AUG2007_XACT_x86.cab moved successfully.
C:\Program Files\JUN2007_XACT_x86.cab moved successfully.
C:\Program Files\APR2007_XACT_x86.cab moved successfully.
C:\Program Files\NOV2007_XACT_x86.cab moved successfully.
C:\Program Files\FEB2007_XACT_x86.cab moved successfully.
C:\Program Files\DEC2006_XACT_x86.cab moved successfully.
C:\Program Files\OCT2006_XACT_x86.cab moved successfully.
C:\Program Files\AUG2006_XACT_x86.cab moved successfully.
C:\Program Files\JUN2006_XACT_x86.cab moved successfully.
C:\Program Files\Feb2006_XACT_x86.cab moved successfully.
C:\Program Files\Mar2008_XACT_x64.cab moved successfully.
C:\Program Files\Aug2008_XACT_x64.cab moved successfully.
C:\Program Files\JUN2008_XACT_x64.cab moved successfully.
C:\Program Files\Apr2006_XACT_x86.cab moved successfully.
C:\Documents and Settings\Chad\Application Data\PriceGong\Data folder moved successfully.
C:\Documents and Settings\Chad\Application Data\PriceGong folder moved successfully.
========== FILES ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 123 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Chad
->Temp folder emptied: 1409733 bytes
->Temporary Internet Files folder emptied: 14253644 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 146903089 bytes
->Flash cache emptied: 1297 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Joyce
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 36623 bytes

User: User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: User.LENOVO-7BC18E34
->Temp folder emptied: 1075 bytes
->Temporary Internet Files folder emptied: 123605 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 77303 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 155.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 11172011_155333

Files\Folders moved on Reboot...
C:\WINDOWS\temp\Perflib_Perfdata_508.dat moved successfully.

Registry entries deleted on Reboot...


16:01:19.0296 3636 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
16:01:21.0000 3636 ============================================================
16:01:21.0000 3636 Current date / time: 2011/11/17 16:01:21.0000
16:01:21.0000 3636 SystemInfo:
16:01:21.0000 3636
16:01:21.0000 3636 OS Version: 5.1.2600 ServicePack: 3.0
16:01:21.0000 3636 Product type: Workstation
16:01:21.0000 3636 ComputerName: LENOVO-7BC18E34
16:01:21.0000 3636 UserName: Chad
16:01:21.0000 3636 Windows directory: C:\WINDOWS
16:01:21.0000 3636 System windows directory: C:\WINDOWS
16:01:21.0000 3636 Processor architecture: Intel x86
16:01:21.0000 3636 Number of processors: 2
16:01:21.0000 3636 Page size: 0x1000
16:01:21.0000 3636 Boot type: Normal boot
16:01:21.0000 3636 ============================================================
16:01:21.0375 3636 Initialize success
16:01:45.0796 1424 ============================================================
16:01:45.0796 1424 Scan started
16:01:45.0796 1424 Mode: Manual; SigCheck; TDLFS;
16:01:45.0796 1424 ============================================================
16:01:46.0062 1424 Abiosdsk - ok
16:01:46.0093 1424 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
16:01:46.0515 1424 abp480n5 - ok
16:01:46.0578 1424 ac97intc (0f2d66d5f08ebe2f77bb904288dcf6f0) C:\WINDOWS\system32\drivers\ac97intc.sys
16:01:46.0703 1424 ac97intc - ok
16:01:46.0750 1424 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:01:46.0906 1424 ACPI - ok
16:01:46.0906 1424 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
16:01:47.0015 1424 ACPIEC - ok
16:01:47.0031 1424 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
16:01:47.0140 1424 adpu160m - ok
16:01:47.0203 1424 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
16:01:47.0328 1424 aec - ok
16:01:47.0375 1424 AegisP (a1ad1a4a9f18d900ca9c93fa3efdcb56) C:\WINDOWS\system32\DRIVERS\AegisP.sys
16:01:47.0437 1424 AegisP - ok
16:01:47.0484 1424 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
16:01:47.0546 1424 AFD - ok
16:01:47.0578 1424 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
16:01:47.0718 1424 agp440 - ok
16:01:47.0734 1424 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
16:01:47.0875 1424 agpCPQ - ok
16:01:47.0906 1424 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
16:01:47.0968 1424 Aha154x - ok
16:01:48.0000 1424 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
16:01:48.0125 1424 aic78u2 - ok
16:01:48.0171 1424 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
16:01:48.0281 1424 aic78xx - ok
16:01:48.0296 1424 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
16:01:48.0406 1424 AliIde - ok
16:01:48.0453 1424 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
16:01:48.0578 1424 alim1541 - ok
16:01:48.0609 1424 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
16:01:48.0718 1424 amdagp - ok
16:01:48.0734 1424 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
16:01:48.0796 1424 amsint - ok
16:01:48.0843 1424 ANC (11ab185a7af224800bbfb5b836974a17) C:\WINDOWS\system32\drivers\ANC.SYS
16:01:48.0875 1424 ANC ( UnsignedFile.Multi.Generic ) - warning
16:01:48.0875 1424 ANC - detected UnsignedFile.Multi.Generic (1)
16:01:48.0890 1424 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
16:01:49.0015 1424 Arp1394 - ok
16:01:49.0031 1424 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
16:01:49.0140 1424 asc - ok
16:01:49.0156 1424 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
16:01:49.0203 1424 asc3350p - ok
16:01:49.0218 1424 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
16:01:49.0312 1424 asc3550 - ok
16:01:49.0343 1424 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:01:49.0437 1424 AsyncMac - ok
16:01:49.0468 1424 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
16:01:49.0578 1424 atapi - ok
16:01:49.0578 1424 Atdisk - ok
16:01:49.0625 1424 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:01:49.0750 1424 Atmarpc - ok
16:01:49.0796 1424 ATSWPDRV (f70d2392158cb68e775f8c4cd3d12fbb) C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys
16:02:05.0031 1424 ATSWPDRV - ok
16:02:05.0062 1424 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
16:02:05.0218 1424 audstub - ok
16:02:05.0250 1424 Avgfwdx (841b0a982065bffc7d7e84009f2fa76f) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
16:02:05.0265 1424 Avgfwdx - ok
16:02:05.0265 1424 Avgfwfd (841b0a982065bffc7d7e84009f2fa76f) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
16:02:05.0281 1424 Avgfwfd - ok
16:02:05.0296 1424 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
16:02:05.0343 1424 AVGIDSDriver - ok
16:02:05.0343 1424 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
16:02:05.0359 1424 AVGIDSEH - ok
16:02:05.0375 1424 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
16:02:05.0421 1424 AVGIDSFilter - ok
16:02:05.0468 1424 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
16:02:05.0484 1424 AVGIDSShim - ok
16:02:05.0531 1424 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
16:02:05.0562 1424 Avgldx86 - ok
16:02:05.0562 1424 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
16:02:05.0593 1424 Avgmfx86 - ok
16:02:05.0593 1424 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
16:02:05.0625 1424 Avgrkx86 - ok
16:02:05.0656 1424 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
16:02:05.0671 1424 Avgtdix - ok
16:02:05.0750 1424 b57w2k (f96038aa1ec4013a93d2420fc689d1e9) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
16:02:05.0812 1424 b57w2k - ok
16:02:05.0859 1424 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
16:02:05.0968 1424 Beep - ok
16:02:06.0015 1424 BrScnUsb (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
16:02:06.0078 1424 BrScnUsb - ok
16:02:06.0125 1424 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
16:02:06.0312 1424 BthEnum - ok
16:02:06.0343 1424 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
16:02:06.0453 1424 BthPan - ok
16:02:06.0484 1424 BTHPORT (662bfd909447dd9cc15b1a1c366583b4) C:\WINDOWS\system32\Drivers\BTHport.sys
16:02:06.0546 1424 BTHPORT - ok
16:02:06.0578 1424 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
16:02:06.0687 1424 BTHUSB - ok
16:02:06.0765 1424 BTKRNL (d84166d41a05f66d9084039427e5025b) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
16:02:06.0875 1424 BTKRNL - ok
16:02:06.0937 1424 BTWUSB (a01fd9851406de0870c23759e2f7b6ea) C:\WINDOWS\system32\Drivers\btwusb.sys
16:02:06.0953 1424 BTWUSB - ok
16:02:07.0015 1424 Cam5603D (594fea3e568c39cc2487a4bc2d7062d7) C:\WINDOWS\system32\Drivers\BisonCam.sys
16:02:16.0703 1424 Cam5603D - ok
16:02:16.0843 1424 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
16:02:17.0062 1424 cbidf - ok
16:02:17.0078 1424 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
16:02:17.0187 1424 cbidf2k - ok
16:02:17.0234 1424 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:02:17.0343 1424 CCDECODE - ok
16:02:17.0375 1424 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
16:02:17.0437 1424 cd20xrnt - ok
16:02:17.0468 1424 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
16:02:17.0593 1424 Cdaudio - ok
16:02:17.0625 1424 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
16:02:17.0718 1424 Cdfs - ok
16:02:17.0750 1424 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:02:17.0859 1424 Cdrom - ok
16:02:17.0859 1424 Changer - ok
16:02:17.0890 1424 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
16:02:18.0015 1424 CmBatt - ok
16:02:18.0031 1424 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
16:02:18.0140 1424 CmdIde - ok
16:02:18.0140 1424 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
16:02:18.0281 1424 Compbatt - ok
16:02:18.0296 1424 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
16:02:18.0406 1424 Cpqarray - ok
16:02:18.0453 1424 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
16:02:18.0546 1424 dac2w2k - ok
16:02:18.0578 1424 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
16:02:18.0687 1424 dac960nt - ok
16:02:18.0718 1424 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
16:02:18.0812 1424 Disk - ok
16:02:18.0875 1424 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
16:02:19.0046 1424 dmboot - ok
16:02:19.0062 1424 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
16:02:19.0171 1424 dmio - ok
16:02:19.0187 1424 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
16:02:19.0312 1424 dmload - ok
16:02:19.0343 1424 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
16:02:19.0484 1424 DMusic - ok
16:02:19.0515 1424 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
16:02:19.0609 1424 dpti2o - ok
16:02:19.0640 1424 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
16:02:19.0750 1424 drmkaud - ok
16:02:19.0765 1424 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
16:02:19.0890 1424 E100B - ok
16:02:19.0937 1424 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
16:02:20.0046 1424 Fastfat - ok
16:02:20.0078 1424 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
16:02:20.0187 1424 Fdc - ok
16:02:20.0234 1424 FilterService (f9183d35ad38f093d5e1aa8ba072d51b) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
16:02:20.0250 1424 FilterService - ok
16:02:20.0281 1424 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
16:02:20.0390 1424 Fips - ok
16:02:20.0406 1424 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
16:02:20.0531 1424 Flpydisk - ok
16:02:20.0578 1424 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
16:02:20.0671 1424 FltMgr - ok
16:02:20.0703 1424 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:02:20.0812 1424 Fs_Rec - ok
16:02:20.0828 1424 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:02:20.0937 1424 Ftdisk - ok
16:02:20.0984 1424 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
16:02:21.0000 1424 GEARAspiWDM - ok
16:02:21.0015 1424 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:02:21.0125 1424 Gpc - ok
16:02:21.0171 1424 HdAudAddService (c3c7500b837951492f81e68b7675cb77) C:\WINDOWS\system32\drivers\CHDAud.sys
16:02:21.0234 1424 HdAudAddService - ok
16:02:21.0296 1424 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:02:21.0406 1424 HDAudBus - ok
16:02:21.0421 1424 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:02:21.0531 1424 HidUsb - ok
16:02:21.0578 1424 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
16:02:21.0671 1424 hpn - ok
16:02:21.0718 1424 HSFHWAZL (51c250fb82c12ab8b0a68b246943092c) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
16:02:21.0781 1424 HSFHWAZL - ok
16:02:21.0828 1424 HSF_DPV (bd2abf12938a2fccc340873412c2b2ab) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
16:02:21.0937 1424 HSF_DPV - ok
16:02:22.0000 1424 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
16:02:22.0062 1424 HTTP - ok
16:02:22.0125 1424 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
16:02:22.0234 1424 i2omgmt - ok
16:02:22.0250 1424 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
16:02:22.0437 1424 i2omp - ok
16:02:22.0484 1424 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:02:22.0656 1424 i8042prt - ok
16:02:22.0906 1424 ialm (c1c2d6940d6ec2f247b0f3c11e0a18e0) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
16:02:23.0312 1424 ialm - ok
16:02:23.0375 1424 iaStor (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\WINDOWS\system32\DRIVERS\iaStor.sys
16:02:23.0390 1424 iaStor - ok
16:02:23.0453 1424 IBMTPCHK (083d095fed4b01fff9d501b98d50db68) C:\WINDOWS\system32\Drivers\IBMBLDID.sys
16:02:23.0453 1424 IBMTPCHK ( UnsignedFile.Multi.Generic ) - warning
16:02:23.0453 1424 IBMTPCHK - detected UnsignedFile.Multi.Generic (1)
16:02:23.0468 1424 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
16:02:23.0671 1424 Imapi - ok
16:02:23.0703 1424 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
16:02:23.0796 1424 ini910u - ok
16:02:23.0828 1424 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
16:02:23.0937 1424 IntelIde - ok
16:02:23.0984 1424 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:02:24.0078 1424 intelppm - ok
16:02:24.0125 1424 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
16:02:24.0234 1424 Ip6Fw - ok
16:02:24.0250 1424 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:02:24.0375 1424 IpFilterDriver - ok
16:02:24.0390 1424 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:02:24.0484 1424 IpInIp - ok
16:02:24.0531 1424 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:02:24.0656 1424 IpNat - ok
16:02:24.0687 1424 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:02:24.0812 1424 IPSec - ok
16:02:24.0859 1424 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
16:02:24.0953 1424 IRENUM - ok
16:02:24.0984 1424 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:02:25.0093 1424 isapnp - ok
16:02:25.0125 1424 Iviaspi (f59c3569a2f2c464bb78cb1bdcdca55e) C:\WINDOWS\system32\drivers\iviaspi.sys
16:02:25.0140 1424 Iviaspi ( UnsignedFile.Multi.Generic ) - warning
16:02:25.0140 1424 Iviaspi - detected UnsignedFile.Multi.Generic (1)
16:02:25.0187 1424 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:02:25.0296 1424 Kbdclass - ok
16:02:25.0328 1424 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
16:02:25.0437 1424 kmixer - ok
16:02:25.0468 1424 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
16:02:25.0546 1424 KSecDD - ok
16:02:25.0562 1424 lbrtfdc - ok
16:02:25.0609 1424 lvpopflt (f61a8ff029614e403e9d001a6741981f) C:\WINDOWS\system32\DRIVERS\lvpopflt.sys
16:02:25.0625 1424 lvpopflt - ok
16:02:25.0656 1424 LVPr2Mon (8be71d7edb8c7494913722059f760dd0) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
16:02:25.0671 1424 LVPr2Mon - ok
16:02:25.0734 1424 LVRS (f01fc94eb8f39f7d6e5f5b367473381e) C:\WINDOWS\system32\DRIVERS\lvrs.sys
16:02:25.0750 1424 LVRS - ok
16:02:26.0046 1424 LVUVC (caffd79278b3d8fe75fdfe1b66c2565f) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
16:02:26.0671 1424 LVUVC - ok
16:02:26.0718 1424 LxrSII1d (7c12f93c005021861a36c11df951891a) C:\WINDOWS\system32\Drivers\LxrSII1d.sys
16:02:26.0734 1424 LxrSII1d ( UnsignedFile.Multi.Generic ) - warning
16:02:26.0734 1424 LxrSII1d - detected UnsignedFile.Multi.Generic (1)
16:02:26.0828 1424 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\WINDOWS\system32\DRIVERS\mcdbus.sys
16:02:26.0859 1424 mcdbus ( UnsignedFile.Multi.Generic ) - warning
16:02:26.0859 1424 mcdbus - detected UnsignedFile.Multi.Generic (1)
16:02:26.0906 1424 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
16:02:26.0937 1424 mdmxsdk - ok
16:02:26.0984 1424 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
16:02:27.0156 1424 mnmdd - ok
16:02:27.0203 1424 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
16:02:27.0343 1424 Modem - ok
16:02:27.0375 1424 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:02:27.0484 1424 Mouclass - ok
16:02:27.0515 1424 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:02:27.0640 1424 mouhid - ok
16:02:27.0671 1424 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
16:02:27.0781 1424 MountMgr - ok
16:02:27.0812 1424 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
16:02:27.0906 1424 mraid35x - ok
16:02:27.0984 1424 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
16:02:27.0984 1424 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
16:02:27.0984 1424 MREMP50 - detected UnsignedFile.Multi.Generic (1)
16:02:28.0000 1424 MREMP50a64 - ok
16:02:28.0015 1424 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
16:02:28.0031 1424 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
16:02:28.0031 1424 MRESP50 - detected UnsignedFile.Multi.Generic (1)
16:02:28.0031 1424 MRESP50a64 - ok
16:02:28.0062 1424 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:02:28.0171 1424 MRxDAV - ok
16:02:28.0250 1424 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:02:28.0359 1424 MRxSmb - ok
16:02:28.0406 1424 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
16:02:28.0500 1424 Msfs - ok
16:02:28.0546 1424 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:02:28.0656 1424 MSKSSRV - ok
16:02:28.0703 1424 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:02:28.0843 1424 MSPCLOCK - ok
16:02:28.0859 1424 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
16:02:29.0000 1424 MSPQM - ok
16:02:29.0046 1424 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:02:29.0140 1424 mssmbios - ok
16:02:29.0171 1424 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
16:02:29.0281 1424 MSTEE - ok
16:02:29.0296 1424 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
16:02:29.0359 1424 Mup - ok
16:02:29.0406 1424 n558 (88705dc61b9275b82e48904d53031f5b) C:\WINDOWS\system32\Drivers\n558.sys
16:02:29.0453 1424 n558 - ok
16:02:29.0500 1424 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:02:29.0625 1424 NABTSFEC - ok
16:02:29.0656 1424 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
16:02:29.0750 1424 NDIS - ok
16:02:29.0781 1424 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:02:29.0906 1424 NdisIP - ok
16:02:29.0953 1424 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:02:30.0015 1424 NdisTapi - ok
16:02:30.0046 1424 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:02:30.0187 1424 Ndisuio - ok
16:02:30.0218 1424 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:02:30.0390 1424 NdisWan - ok
16:02:30.0437 1424 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
16:02:30.0531 1424 NDProxy - ok
16:02:30.0562 1424 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
16:02:30.0687 1424 NetBIOS - ok
16:02:30.0734 1424 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
16:02:30.0843 1424 NetBT - ok
16:02:30.0953 1424 NETw4x32 (18b2d3e11ed7a3c898ade6a6692b6929) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
16:02:31.0156 1424 NETw4x32 - ok
16:02:31.0203 1424 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
16:02:31.0312 1424 NIC1394 - ok
16:02:31.0328 1424 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
16:02:31.0453 1424 Npfs - ok
16:02:31.0484 1424 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
16:02:31.0671 1424 Ntfs - ok
16:02:31.0703 1424 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
16:02:31.0843 1424 Null - ok
16:02:31.0921 1424 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
16:02:32.0156 1424 nv - ok
16:02:32.0187 1424 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:02:32.0343 1424 NwlnkFlt - ok
16:02:32.0359 1424 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:02:32.0531 1424 NwlnkFwd - ok
16:02:32.0562 1424 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
16:02:32.0671 1424 ohci1394 - ok
16:02:32.0703 1424 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
16:02:32.0828 1424 Parport - ok
16:02:32.0859 1424 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
16:02:32.0968 1424 PartMgr - ok
16:02:33.0000 1424 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
16:02:33.0109 1424 ParVdm - ok
16:02:33.0125 1424 PcdrNdisuio - ok
16:02:33.0140 1424 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
16:02:33.0250 1424 PCI - ok
16:02:33.0250 1424 PCIDump - ok
16:02:33.0281 1424 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
16:02:33.0375 1424 PCIIde - ok
16:02:33.0437 1424 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
16:02:33.0546 1424 Pcmcia - ok
16:02:33.0562 1424 PDCOMP - ok
16:02:33.0562 1424 PDFRAME - ok
16:02:33.0578 1424 PDRELI - ok
16:02:33.0593 1424 PDRFRAME - ok
16:02:33.0609 1424 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
16:02:33.0718 1424 perc2 - ok
16:02:33.0734 1424 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
16:02:33.0859 1424 perc2hib - ok
16:02:33.0906 1424 pmem (dedef40e1d05842639491365cb2c069e) C:\WINDOWS\System32\drivers\pmemnt.sys
16:02:33.0921 1424 pmem ( UnsignedFile.Multi.Generic ) - warning
16:02:33.0921 1424 pmem - detected UnsignedFile.Multi.Generic (1)
16:02:33.0984 1424 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:02:34.0093 1424 PptpMiniport - ok
16:02:34.0140 1424 PROCDD (c9ca089787aa4ca892f2173a8e15c1b0) C:\WINDOWS\system32\DRIVERS\PROCDD.SYS
16:02:34.0140 1424 PROCDD - ok
16:02:34.0156 1424 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
16:02:34.0265 1424 Processor - ok
16:02:34.0312 1424 psadd (aac08defb15aaab00b30341c716efa35) C:\WINDOWS\system32\DRIVERS\psadd.sys
16:02:34.0359 1424 psadd - ok
16:02:34.0359 1424 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
16:02:34.0468 1424 PSched - ok
16:02:34.0500 1424 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:02:34.0625 1424 Ptilink - ok
16:02:34.0656 1424 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
16:02:34.0671 1424 PxHelp20 - ok
16:02:34.0703 1424 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
16:02:34.0812 1424 ql1080 - ok
16:02:34.0828 1424 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
16:02:34.0953 1424 Ql10wnt - ok
16:02:34.0953 1424 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
16:02:35.0062 1424 ql12160 - ok
16:02:35.0078 1424 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
16:02:35.0187 1424 ql1240 - ok
16:02:35.0203 1424 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
16:02:35.0296 1424 ql1280 - ok
16:02:35.0343 1424 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:02:35.0468 1424 RasAcd - ok
16:02:35.0515 1424 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:02:35.0625 1424 Rasl2tp - ok
16:02:35.0640 1424 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:02:35.0734 1424 RasPppoe - ok
16:02:35.0750 1424 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
16:02:35.0859 1424 Raspti - ok
16:02:35.0906 1424 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:02:36.0031 1424 Rdbss - ok
16:02:36.0062 1424 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:02:36.0156 1424 RDPCDD - ok
16:02:36.0234 1424 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:02:36.0328 1424 rdpdr - ok
16:02:36.0390 1424 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
16:02:36.0437 1424 RDPWD - ok
16:02:36.0500 1424 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
16:02:36.0593 1424 redbook - ok
16:02:36.0671 1424 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
16:02:36.0796 1424 RFCOMM - ok
16:02:36.0828 1424 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
16:02:36.0890 1424 rimmptsk - ok
16:02:36.0906 1424 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
16:02:36.0953 1424 rimsptsk - ok
16:02:36.0968 1424 rismxdp (d231b577024aa324af13a42f3a807d10) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
16:02:37.0000 1424 rismxdp - ok
16:02:37.0062 1424 s24trans (2220783b32a9f91df87f3e8315f091e7) C:\WINDOWS\system32\DRIVERS\s24trans.sys
16:02:37.0093 1424 s24trans ( UnsignedFile.Multi.Generic ) - warning
16:02:37.0093 1424 s24trans - detected UnsignedFile.Multi.Generic (1)
16:02:37.0203 1424 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
16:02:37.0218 1424 SASDIFSV - ok
16:02:37.0250 1424 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
16:02:37.0265 1424 SASKUTIL - ok
16:02:37.0328 1424 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
16:02:37.0500 1424 sdbus - ok
16:02:37.0546 1424 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:02:37.0625 1424 Secdrv - ok
16:02:37.0703 1424 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
16:02:37.0812 1424 serenum - ok
16:02:37.0843 1424 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
16:02:37.0953 1424 Serial - ok
16:02:38.0000 1424 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
16:02:38.0109 1424 sffdisk - ok
16:02:38.0140 1424 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
16:02:38.0250 1424 sffp_sd - ok
16:02:38.0281 1424 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
16:02:38.0390 1424 Sfloppy - ok
16:02:38.0406 1424 Simbad - ok
16:02:38.0453 1424 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
16:02:38.0562 1424 sisagp - ok
16:02:38.0593 1424 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:02:38.0718 1424 SLIP - ok
16:02:38.0750 1424 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
16:02:38.0812 1424 Sparrow - ok
16:02:38.0843 1424 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
16:02:38.0953 1424 splitter - ok
16:02:39.0000 1424 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
16:02:39.0109 1424 sr - ok
16:02:39.0156 1424 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
16:02:39.0234 1424 Srv - ok
16:02:39.0296 1424 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:02:39.0406 1424 streamip - ok
16:02:39.0453 1424 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:02:39.0546 1424 swenum - ok
16:02:39.0593 1424 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
16:02:39.0750 1424 swmidi - ok
16:02:39.0796 1424 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
16:02:39.0875 1424 symc810 - ok
16:02:39.0890 1424 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
16:02:40.0031 1424 symc8xx - ok
16:02:40.0046 1424 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
16:02:40.0140 1424 sym_hi - ok
16:02:40.0156 1424 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
16:02:40.0281 1424 sym_u3 - ok
16:02:40.0312 1424 SynTP (4c99d3c37e8e261e141304b2936196cb) C:\WINDOWS\system32\DRIVERS\SynTP.sys
16:02:40.0375 1424 SynTP - ok
16:02:40.0421 1424 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
16:02:40.0546 1424 sysaudio - ok
16:02:40.0609 1424 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:02:40.0765 1424 Tcpip - ok
16:02:40.0796 1424 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:02:40.0968 1424 TDPIPE - ok
16:02:41.0031 1424 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
16:02:41.0140 1424 TDTCP - ok
16:02:41.0171 1424 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:02:41.0281 1424 TermDD - ok
16:02:41.0328 1424 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
16:02:41.0421 1424 TosIde - ok
16:02:41.0468 1424 TSMAPIP (ea856d91b3c088ce331e7740c72f43a3) C:\WINDOWS\system32\drivers\TSMAPIP.SYS
16:02:41.0468 1424 TSMAPIP - ok
16:02:41.0531 1424 tvtfilter (49258a02a1e8d304ed88b0f1c56b1738) C:\WINDOWS\system32\DRIVERS\tvtfilter.sys
16:02:41.0562 1424 tvtfilter - ok
16:02:41.0609 1424 TVTPktFilter (0727cce3ff1a4446f4a1d507361567ab) C:\WINDOWS\system32\DRIVERS\tvtpktfilter.sys
16:02:41.0656 1424 TVTPktFilter - ok
16:02:41.0687 1424 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
16:02:41.0796 1424 Udfs - ok
16:02:41.0812 1424 UIUSys - ok
16:02:41.0828 1424 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
16:02:41.0890 1424 ultra - ok
16:02:41.0937 1424 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
16:02:42.0078 1424 Update - ok
16:02:42.0140 1424 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
16:02:42.0187 1424 USBAAPL - ok
16:02:42.0265 1424 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
16:02:42.0421 1424 usbaudio - ok
16:02:42.0453 1424 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:02:42.0609 1424 usbccgp - ok
16:02:42.0640 1424 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:02:42.0796 1424 usbehci - ok
16:02:42.0843 1424 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:02:42.0984 1424 usbhub - ok
16:02:43.0031 1424 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:02:43.0156 1424 usbprint - ok
16:02:43.0203 1424 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:02:43.0312 1424 usbscan - ok
16:02:43.0359 1424 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:02:43.0453 1424 USBSTOR - ok
16:02:43.0468 1424 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:02:43.0578 1424 usbuhci - ok
16:02:43.0625 1424 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
16:02:43.0718 1424 usbvideo - ok
16:02:43.0750 1424 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
16:02:43.0828 1424 VgaSave - ok
16:02:43.0890 1424 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
16:02:44.0000 1424 viaagp - ok
16:02:44.0031 1424 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
16:02:44.0156 1424 ViaIde - ok
16:02:44.0187 1424 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
16:02:44.0281 1424 VolSnap - ok
16:02:44.0359 1424 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:02:44.0468 1424 Wanarp - ok
16:02:44.0484 1424 WDICA - ok
16:02:44.0515 1424 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
16:02:44.0609 1424 wdmaud - ok
16:02:44.0687 1424 winachsf (ea2ab3c94b1aee6aa22d543f1f0c62aa) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
16:02:44.0765 1424 winachsf - ok
16:02:44.0828 1424 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
16:02:44.0921 1424 WmiAcpi - ok
16:02:44.0968 1424 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:02:45.0062 1424 WSTCODEC - ok
16:02:45.0109 1424 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:02:45.0187 1424 WudfPf - ok
16:02:45.0234 1424 MBR (0x1B8) (8541e89160ea0cb9aceea2505a7c0a04) \Device\Harddisk0\DR0
16:02:45.0343 1424 \Device\Harddisk0\DR0 - ok
16:02:45.0343 1424 Boot (0x1200) (26dab5cdfc7d8afc3132c121c952eb78) \Device\Harddisk0\DR0\Partition0
16:02:45.0343 1424 \Device\Harddisk0\DR0\Partition0 - ok
16:02:45.0343 1424 ============================================================
16:02:45.0343 1424 Scan finished
16:02:45.0343 1424 ============================================================
16:02:45.0484 5620 Detected object count: 9
16:02:45.0484 5620 Actual detected object count: 9
16:03:17.0796 5620 ANC ( UnsignedFile.Multi.Generic ) - skipped by user
16:03:17.0796 5620 ANC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:03:17.0796 5620 IBMTPCHK ( UnsignedFile.Multi.Generic ) - skipped by user
16:03:17.0796 5620 IBMTPCHK ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:03:17.0796 5620 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user
16:03:17.0796 5620 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:03:17.0812 5620 LxrSII1d ( UnsignedFile.Multi.Generic ) - skipped by user
16:03:17.0812 5620 LxrSII1d ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:03:17.0812 5620 mcdbus ( UnsignedFile.Multi.Generic ) - skipped by user
16:03:17.0812 5620 mcdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:03:17.0812 5620 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
16:03:17.0812 5620 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:03:17.0812 5620 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
16:03:17.0812 5620 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:03:17.0812 5620 pmem ( UnsignedFile.Multi.Generic ) - skipped by user
16:03:17.0812 5620 pmem ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:03:17.0828 5620 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
16:03:17.0828 5620 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:03:36.0531 4288 ============================================================
16:03:36.0531 4288 Scan started
16:03:36.0531 4288 Mode: Manual; SigCheck; TDLFS;
16:03:36.0531 4288 ============================================================
16:03:36.0859 4288 Abiosdsk - ok
16:03:36.0875 4288 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
16:03:36.0984 4288 abp480n5 - ok
16:03:37.0000 4288 ac97intc (0f2d66d5f08ebe2f77bb904288dcf6f0) C:\WINDOWS\system32\drivers\ac97intc.sys
16:03:37.0125 4288 ac97intc - ok
16:03:37.0171 4288 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:03:37.0265 4288 ACPI - ok
16:03:37.0281 4288 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
16:03:37.0390 4288 ACPIEC - ok
16:03:37.0406 4288 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
16:03:37.0531 4288 adpu160m - ok
16:03:37.0578 4288 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
16:03:37.0687 4288 aec - ok
16:03:37.0765 4288 AegisP (a1ad1a4a9f18d900ca9c93fa3efdcb56) C:\WINDOWS\system32\DRIVERS\AegisP.sys
16:03:37.0812 4288 AegisP - ok
16:03:37.0843 4288 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
16:03:37.0875 4288 AFD - ok
16:03:37.0921 4288 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
16:03:38.0015 4288 agp440 - ok
16:03:38.0031 4288 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
16:03:38.0125 4288 agpCPQ - ok
16:03:38.0140 4288 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
16:03:38.0203 4288 Aha154x - ok
16:03:38.0234 4288 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
16:03:38.0343 4288 aic78u2 - ok
16:03:38.0359 4288 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
16:03:38.0468 4288 aic78xx - ok
16:03:38.0484 4288 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
16:03:38.0578 4288 AliIde - ok
16:03:38.0625 4288 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
16:03:38.0718 4288 alim1541 - ok
16:03:38.0750 4288 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
16:03:38.0843 4288 amdagp - ok
16:03:38.0843 4288 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
16:03:38.0921 4288 amsint - ok
16:03:38.0968 4288 ANC (11ab185a7af224800bbfb5b836974a17) C:\WINDOWS\system32\drivers\ANC.SYS
16:03:38.0968 4288 ANC ( UnsignedFile.Multi.Generic ) - warning
16:03:38.0968 4288 ANC - detected UnsignedFile.Multi.Generic (1)
16:03:39.0015 4288 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
16:03:39.0125 4288 Arp1394 - ok
16:03:39.0156 4288 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
16:03:39.0250 4288 asc - ok
16:03:39.0265 4288 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
16:03:39.0312 4288 asc3350p - ok
16:03:39.0328 4288 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
16:03:39.0421 4288 asc3550 - ok
16:03:39.0468 4288 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:03:39.0562 4288 AsyncMac - ok
16:03:39.0593 4288 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
16:03:39.0687 4288 atapi - ok
16:03:39.0687 4288 Atdisk - ok
16:03:39.0765 4288 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:03:39.0875 4288 Atmarpc - ok
16:03:39.0906 4288 ATSWPDRV (f70d2392158cb68e775f8c4cd3d12fbb) C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys
16:03:39.0921 4288 ATSWPDRV - ok
16:03:39.0937 4288 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
16:03:40.0062 4288 audstub - ok
16:03:40.0093 4288 Avgfwdx (841b0a982065bffc7d7e84009f2fa76f) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
16:03:40.0109 4288 Avgfwdx - ok
16:03:40.0109 4288 Avgfwfd (841b0a982065bffc7d7e84009f2fa76f) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
16:03:40.0125 4288 Avgfwfd - ok
16:03:40.0140 4288 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
16:03:40.0171 4288 AVGIDSDriver - ok
16:03:40.0187 4288 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
16:03:40.0187 4288 AVGIDSEH - ok
16:03:40.0218 4288 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
16:03:40.0234 4288 AVGIDSFilter - ok
16:03:40.0265 4288 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
16:03:40.0281 4288 AVGIDSShim - ok
16:03:40.0343 4288 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
16:03:40.0359 4288 Avgldx86 - ok
16:03:40.0375 4288 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
16:03:40.0390 4288 Avgmfx86 - ok
16:03:40.0406 4288 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
16:03:40.0406 4288 Avgrkx86 - ok
16:03:40.0453 4288 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
16:03:40.0468 4288 Avgtdix - ok
16:03:40.0515 4288 b57w2k (f96038aa1ec4013a93d2420fc689d1e9) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
16:03:40.0531 4288 b57w2k - ok
16:03:40.0546 4288 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
16:03:40.0671 4288 Beep - ok
16:03:40.0718 4288 BrScnUsb (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
16:03:40.0750 4288 BrScnUsb - ok
16:03:40.0812 4288 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
16:03:40.0937 4288 BthEnum - ok
16:03:41.0046 4288 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
16:03:41.0187 4288 BthPan - ok
16:03:41.0250 4288 BTHPORT (662bfd909447dd9cc15b1a1c366583b4) C:\WINDOWS\system32\Drivers\BTHport.sys
16:03:41.0281 4288 BTHPORT - ok
16:03:41.0343 4288 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
16:03:41.0515 4288 BTHUSB - ok
16:03:41.0593 4288 BTKRNL (d84166d41a05f66d9084039427e5025b) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
16:03:41.0656 4288 BTKRNL - ok
16:03:41.0703 4288 BTWUSB (a01fd9851406de0870c23759e2f7b6ea) C:\WINDOWS\system32\Drivers\btwusb.sys
16:03:41.0718 4288 BTWUSB - ok
16:03:41.0796 4288 Cam5603D (594fea3e568c39cc2487a4bc2d7062d7) C:\WINDOWS\system32\Drivers\BisonCam.sys
16:03:41.0828 4288 Cam5603D - ok
16:03:41.0859 4288 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
16:03:41.0968 4288 cbidf - ok
16:03:41.0984 4288 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
16:03:42.0078 4288 cbidf2k - ok
16:03:42.0109 4288 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:03:42.0265 4288 CCDECODE - ok
16:03:42.0296 4288 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
16:04:07.0312 4288 ============================================================
16:04:07.0312 4288 Scan finished
16:04:07.0312 4288 ============================================================
16:04:07.0328 0964 Detected object count: 9
16:04:07.0328 0964 Actual detected object count: 9
16:05:15.0937 0964 ANC ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:15.0937 0964 ANC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:15.0937 0964 IBMTPCHK ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:15.0937 0964 IBMTPCHK ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:15.0937 0964 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:15.0937 0964 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:15.0937 0964 LxrSII1d ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:15.0937 0964 LxrSII1d ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:15.0937 0964 mcdbus ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:15.0937 0964 mcdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:15.0953 0964 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:15.0953 0964 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:15.0953 0964 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:15.0953 0964 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:15.0953 0964 pmem ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:15.0953 0964 pmem ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:05:15.0953 0964 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
16:05:15.0953 0964 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip

If a suspicious object is detected, the default action will be Skip, click on Continue.

It finds like 9 threats during the scan, and they all show the little drop-down menu that says skip, but when I click continue as instructed it just goes back to the "Start Scan" page and ironically says No Threats Found, but right underneath it says Found: 9 Threats.



OTL logfile created on: 11/17/2011 4:11:35 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Chad\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 2.21 Gb Available Physical Memory | 73.91% Memory free
4.83 Gb Paging File | 3.85 Gb Available in Paging File | 79.75% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.12 Gb Total Space | 10.52 Gb Free Space | 7.35% Space Free | Partition Type: NTFS
Drive E: | 572.55 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LENOVO-7BC18E34 | User Name: Chad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/16 22:07:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chad\Desktop\OTL (1).exe
PRC - [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/11/07 13:04:36 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011/10/24 19:29:34 | 002,398,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgfws.exe
PRC - [2011/10/24 19:29:16 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/10/18 05:14:54 | 001,229,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/10/12 05:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/10/10 05:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011/10/06 19:43:38 | 000,246,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
PRC - [2011/09/08 19:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/15 05:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/07/25 22:14:00 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Lenovo\System Update\SUService.exe
PRC - [2011/06/15 16:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/02/20 08:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/05 13:03:16 | 000,228,480 | ---- | M] (Digital Business Processes) -- C:\Program Files\Common Files\NeatReceipts\DB Controller\NeatReceiptsDBController.exe
PRC - [2007/08/03 18:10:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2007/07/05 17:05:04 | 000,065,536 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
PRC - [2007/07/05 17:04:18 | 000,114,688 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
PRC - [2007/07/05 17:03:32 | 000,184,320 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
PRC - [2007/06/22 13:45:54 | 000,106,496 | ---- | M] (AuthenTec,Inc) -- C:\WINDOWS\system32\FpLogonServ.exe
PRC - [2007/04/08 20:24:32 | 000,054,832 | ---- | M] (Lenovo.) -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe
PRC - [2007/03/07 08:51:52 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\LxrSII1s.exe
PRC - [2007/02/08 15:11:32 | 000,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
PRC - [2007/02/08 15:00:06 | 000,022,016 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
PRC - [2007/01/29 22:01:26 | 000,108,080 | ---- | M] (Lenovo Group Limited) -- C:\WINDOWS\system32\IPSSVC.EXE
PRC - [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/11/11 23:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
PRC - [2006/11/02 22:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2006/04/17 19:00:10 | 000,028,672 | ---- | M] (Wistron Corp.) -- C:\Program Files\PM Agent\WisFnCtrlSvc.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/17 15:58:29 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011/11/17 15:58:29 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011/11/16 17:45:07 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/11/16 17:45:07 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/11/08 15:46:02 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011/11/07 22:02:56 | 000,420,920 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\ppgooglenaclpluginchrome.dll
MOD - [2011/11/07 22:02:55 | 003,702,840 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\pdf.dll
MOD - [2011/11/07 22:01:20 | 000,122,952 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\avutil-51.dll
MOD - [2011/11/07 22:01:19 | 000,222,280 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\avformat-53.dll
MOD - [2011/11/07 22:01:17 | 001,746,504 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\avcodec-53.dll
MOD - [2011/11/07 18:44:56 | 008,593,056 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\gcswf32.dll
MOD - [2011/10/21 22:22:01 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll
MOD - [2011/10/21 22:21:40 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MOD - [2011/10/21 22:21:14 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011/10/21 21:56:42 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011/10/21 21:56:36 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011/10/21 21:56:20 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011/10/21 21:54:26 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011/10/21 16:12:56 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/10/06 19:43:38 | 000,246,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/03/15 10:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008/02/05 13:03:18 | 000,114,688 | ---- | M] () -- C:\Program Files\Common Files\NeatReceipts\DB Controller\DigitalBP.SPI.Core.dll
MOD - [2008/02/05 13:03:16 | 000,049,152 | ---- | M] () -- C:\Program Files\Common Files\NeatReceipts\DB Controller\DigitalBP.Core.dll
MOD - [2007/04/16 13:17:32 | 000,118,784 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2007/04/14 08:30:56 | 000,139,264 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\CDRecord.dll
MOD - [2007/03/07 08:51:52 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\LxrSII1s.exe
MOD - [2007/02/08 15:11:32 | 000,569,344 | ---- | M] () -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
MOD - [2007/02/08 15:00:06 | 000,022,016 | ---- | M] () -- C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
MOD - [2006/12/13 21:06:42 | 000,028,672 | ---- | M] () -- C:\Program Files\Lenovo\HOTKEY\tphklock.dll
MOD - [2006/11/20 20:04:06 | 000,856,064 | ---- | M] () -- C:\Program Files\Lenovo Fingerprint Software\SharedResources.dll
MOD - [2006/11/02 22:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/10/24 19:29:34 | 002,398,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2011/10/12 05:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/10/06 19:43:38 | 000,246,600 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/07/25 22:14:00 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2011/07/07 18:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 16:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/02/20 08:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/02/05 13:03:16 | 000,228,480 | ---- | M] (Digital Business Processes) [Auto | Running] -- C:\Program Files\Common Files\NeatReceipts\DB Controller\NeatReceiptsDBController.exe -- (NeatReceipts Database Controller)
SRV - [2007/08/03 18:10:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007/07/05 17:05:04 | 000,065,536 | ---- | M] (Lenovo ) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2007/07/05 17:03:32 | 000,184,320 | ---- | M] (Lenovo ) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2007/06/22 13:45:54 | 000,106,496 | ---- | M] (AuthenTec,Inc) [Auto | Running] -- C:\WINDOWS\system32\FpLogonServ.exe -- (FingerprintServer)
SRV - [2007/04/08 20:24:32 | 000,054,832 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe -- (FNF5SVC)
SRV - [2007/03/07 08:51:52 | 000,049,152 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)
SRV - [2007/02/08 15:11:32 | 000,569,344 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2007/01/29 22:01:26 | 000,108,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\WINDOWS\system32\IPSSVC.EXE -- (IPSSVC)
SRV - [2007/01/04 21:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/11/11 23:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2006/11/02 22:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/04/17 19:00:10 | 000,028,672 | ---- | M] (Wistron Corp.) [Auto | Running] -- C:\Program Files\PM Agent\WisFnCtrlSvc.exe -- (WisFnCtrlSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/10/07 05:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 05:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/13 05:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 05:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/07/11 00:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 00:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 00:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/07/11 00:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/05/23 00:03:20 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2011/05/23 00:03:20 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2010/05/07 17:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2010/05/07 13:53:30 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2010/05/07 13:53:14 | 006,842,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam C260(UVC)
DRV - [2010/05/07 13:51:32 | 000,276,448 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/05/07 13:51:20 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2009/02/24 17:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/11/18 16:47:53 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008/11/18 16:47:49 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2007/08/15 06:27:18 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\n558.sys -- (n558)
DRV - [2007/07/02 18:19:38 | 000,763,688 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BisonCam.sys -- (Cam5603D)
DRV - [2007/06/16 23:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007/05/22 02:59:34 | 000,021,376 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2007/04/30 08:37:20 | 002,206,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel®
DRV - [2007/04/09 13:03:00 | 000,012,848 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS -- (TSMAPIP)
DRV - [2007/04/02 13:24:08 | 000,004,224 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\IBMBLDID.sys -- (IBMTPCHK)
DRV - [2007/03/29 17:19:36 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/03/22 00:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/08 02:03:56 | 000,625,664 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2007/03/07 08:51:52 | 000,072,672 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LxrSII1d.sys -- (LxrSII1d)
DRV - [2007/02/24 16:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/16 17:46:00 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/01/23 18:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/12 20:41:20 | 000,862,922 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/11/08 02:00:10 | 000,989,696 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/11/08 01:59:34 | 000,209,152 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/11/08 01:59:30 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006/11/06 03:23:24 | 000,012,080 | ---- | M] (Lenovo Group Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PROCDD.SYS -- (PROCDD)
DRV - [2006/10/29 20:51:40 | 000,067,672 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2005/11/08 11:27:20 | 000,011,520 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ANC.sys -- (ANC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded =
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded =
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded =
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...l_date=20110909
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.co...me/3000notebook [binary data]
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.co...me/3000notebook [binary data]
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com
IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Chad\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/11/16 17:34:01 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.c...pr&d=2011-10-06 20:43:38&v=8.0.0.34&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.goog...outputEncoding}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java™ Platform SE 6 U12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java™ Platform SE 6 U12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\Chad\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1857_0\

O1 HOSTS File: ([2011/11/17 15:53:45 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKU\S-1-5-21-261478415-2542434305-4085094211-1009..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcp...ols/pcmatic.cab (PCPitstop Utility)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{416E8471-F1FA-4624-94F1-351DCA42CF15}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\ACNotify: DllName - (ACNotify.dll) - C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo )
O20 - Winlogon\Notify\ATFUS: DllName - (C:\WINDOWS\system32\FpWinLogonNp.dll) - C:\WINDOWS\system32\FpWinlogonNp.dll (AuthenTec,Inc)
O20 - Winlogon\Notify\tphotkey: DllName - (C:\Program Files\Lenovo\HOTKEY\tphklock.dll) - C:\Program Files\Lenovo\HOTKEY\tphklock.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/04/30 02:13:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/11/10 19:44:37 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{958d1ca4-2702-11df-a794-001f3adcc53d}\Shell - "" = AutoRun
O33 - MountPoints2\{958d1ca4-2702-11df-a794-001f3adcc53d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{958d1ca4-2702-11df-a794-001f3adcc53d}\Shell\AutoRun\command - "" = E:\SegaClassics.exe -- [2007/04/19 18:36:40 | 000,069,632 | R--- | M] (HandyTricks)
O33 - MountPoints2\{a3512412-40ac-11de-a72c-001f3adcc53d}\Shell - "" = AutoRun
O33 - MountPoints2\{a3512412-40ac-11de-a72c-001f3adcc53d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a3512412-40ac-11de-a72c-001f3adcc53d}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Palo Alto Software Update Manager 9.0.lnk - - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^Chad^Start Menu^Programs^Startup^Age2 Config.lnk - C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game\Data\closedpw.exe - ()
MsConfig - StartUpFolder: C:^Documents and Settings^Chad^Start Menu^Programs^Startup^Logitech . Product Registration.lnk - C:\Program Files\Logitech\Ereg\eReg.exe - (Leader Technologies/Logitech)
MsConfig - StartUpFolder: C:^Documents and Settings^Chad^Start Menu^Programs^Startup^MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe - (MagicISO, Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^Chad^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig - StartUpFolder: C:^Documents and Settings^Chad^Start Menu^Programs^Startup^Socialbox.lnk - - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^User^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig - StartUpReg: ACTray - hkey= - key= - C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo )
MsConfig - StartUpReg: ACWLIcon - hkey= - key= - C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo )
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AMSG - hkey= - key= - C:\Program Files\ThinkVantage\AMSG\Amsg.exe (LENOVO)
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: AVG_TRAY - hkey= - key= - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
MsConfig - StartUpReg: AwaySch - hkey= - key= - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
MsConfig - StartUpReg: BluetoothAuthenticationAgent - hkey= - key= - File not found
MsConfig - StartUpReg: BsMnt - hkey= - key= - C:\WINDOWS\BisonCam\BsMnt.exe ()
MsConfig - StartUpReg: Facebook Update - hkey= - key= - C:\Documents and Settings\Chad\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
MsConfig - StartUpReg: FingerPrintSoftware - hkey= - key= - C:\Program Files\Lenovo Fingerprint Software\fpapp.exe (Authentec,Inc)
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: HotKeysCmds - hkey= - key= - File not found
MsConfig - StartUpReg: IgfxTray - hkey= - key= - File not found
MsConfig - StartUpReg: ISUSPM Startup - hkey= - key= - C:\Program Files\Common Files\Installshield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
MsConfig - StartUpReg: ISUSScheduler - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: Logitech Vid - hkey= - key= - C:\Program Files\Logitech\Vid\Vid.exe (Logitech Inc.)
MsConfig - StartUpReg: Logitech Vid HD - hkey= - key= - C:\Program Files\Logitech\Vid\vid.exe (Logitech Inc.)
MsConfig - StartUpReg: LPManager - hkey= - key= - C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited)
MsConfig - StartUpReg: LWS - hkey= - key= - C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
MsConfig - StartUpReg: LxrAutorun - hkey= - key= - C:\Documents and Settings\Chad\Local Settings\Application Data\Lexar Media\LxrAutorun.exe ()
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: Persistence - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: StartNowToolbarHelper - hkey= - key= - File not found
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - StartUpReg: TPFNF7 - hkey= - key= - C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
MsConfig - StartUpReg: TPWAUDAP - hkey= - key= - C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe ()
MsConfig - StartUpReg: TVT Scheduler Proxy - hkey= - key= - C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
MsConfig - StartUpReg: vProt - hkey= - key= - C:\Program Files\AVG Secure Search\vprot.exe ()
MsConfig - StartUpReg: Wi-Fi Sync - hkey= - key= - File not found
MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 1

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/11/17 16:01:14 | 001,564,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Chad\Desktop\TDSSKiller.exe
[2011/11/17 15:53:33 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/16 22:24:37 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/11/16 22:08:02 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Chad\Desktop\OTL (1).exe
[2011/11/16 18:50:59 | 000,000,000 | ---D | C] -- C:\Program Files\PCPitstop
[2011/11/16 17:44:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Application Data\SUPERAntiSpyware.com
[2011/11/16 17:44:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/11/16 17:24:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Desktop\Nealy
[2011/11/13 21:51:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Application Data\com.socialbox.socialbox
[2011/11/11 23:15:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Chad\Recent
[2011/11/11 01:39:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Application Data\FileZilla
[2011/11/11 01:39:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileZilla FTP Client
[2011/11/11 01:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2011/11/11 01:34:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Local Settings\Application Data\GlobalSCAPE
[2011/11/11 01:34:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Application Data\GlobalSCAPE
[2011/11/11 01:34:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GlobalSCAPE
[2011/11/09 11:51:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2011/10/27 11:40:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Start Menu\Programs\Age Of Empires 2 & The Conquerors Expansion - Full Game
[2011/10/27 11:39:35 | 000,000,000 | ---D | C] -- C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game
[2011/10/27 07:18:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Local Settings\Application Data\Identities
[2011/10/25 02:24:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/10/25 02:23:33 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/10/25 02:23:27 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/10/25 02:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/10/22 21:43:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Desktop\iPodContent
[2011/10/21 15:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011/10/20 22:51:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Local Settings\Application Data\Spotify
[2011/10/20 22:51:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad\Application Data\Spotify
[2008/10/27 12:38:54 | 000,095,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[2008/10/27 12:37:34 | 001,692,496 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2008/10/27 12:36:58 | 000,526,160 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe

========== Files - Modified Within 30 Days ==========

[2011/11/17 16:00:42 | 000,530,464 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/17 16:00:42 | 000,098,828 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/17 15:56:43 | 000,025,269 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI
[2011/11/17 15:56:27 | 000,000,380 | ---- | M] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2011/11/17 15:56:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/17 15:56:21 | 3211,186,176 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/17 15:56:21 | 000,266,208 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/11/17 15:53:45 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/11/17 14:47:20 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009UA.job
[2011/11/17 09:42:22 | 109,982,589 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/11/17 09:42:22 | 000,618,058 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2011/11/17 09:03:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009Core.job
[2011/11/16 23:47:00 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009Core.job
[2011/11/16 22:24:40 | 000,000,422 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/11/16 22:07:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chad\Desktop\OTL (1).exe
[2011/11/16 22:04:48 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\MBR.dat
[2011/11/16 21:30:56 | 000,029,805 | ---- | M] () -- C:\WINDOWS\KernelMessage
[2011/11/16 17:44:15 | 000,001,685 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/11/16 17:38:27 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/16 17:25:10 | 000,000,211 | -H-- | M] () -- C:\boot.ini
[2011/11/16 12:21:12 | 001,564,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Chad\Desktop\TDSSKiller.exe
[2011/11/15 21:31:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/11/14 19:01:24 | 000,062,976 | ---- | M] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/14 18:39:28 | 000,007,221 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\Free Online MMPI-2 Test and Scoring.htm
[2011/11/14 18:35:34 | 000,133,125 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/11/12 15:04:23 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Chad\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/11/12 15:04:22 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\Google Chrome.lnk
[2011/11/06 00:24:44 | 000,061,542 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\298880_2354542715738_1615311521_2344231_295436652_n.jpg
[2011/11/06 00:24:37 | 000,069,598 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\296092_2358188006868_1615311521_2347173_1587254469_n.jpg
[2011/11/06 00:24:30 | 000,060,224 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\305760_2358188846889_1615311521_2347174_1191725054_n.jpg
[2011/11/06 00:24:26 | 000,067,623 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\316983_2358194407028_1615311521_2347175_1049486392_n.jpg
[2011/11/06 00:13:09 | 000,068,009 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\298104_2358186166822_1615311521_2347167_414038111_n.jpg
[2011/11/06 00:12:48 | 000,074,368 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\302682_2358381331701_1615311521_2347270_1834447535_n.jpg
[2011/11/04 08:07:02 | 000,000,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/10/30 13:25:01 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Chad\Application Data\winscp.rnd
[2011/10/30 02:06:14 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\updateall.cfg
[2011/10/29 22:23:48 | 000,058,834 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\torquehp.html
[2011/10/27 11:40:47 | 000,000,877 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\AOCCONFIG.lnk
[2011/10/27 11:40:46 | 000,001,011 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\Age2.lnk
[2011/10/27 11:40:45 | 000,001,018 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\Empires2.lnk
[2011/10/27 06:15:26 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/10/25 02:24:40 | 000,001,549 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/10/23 03:50:23 | 029,203,460 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\Pimsleur - Greek I - Lesson 01.mp3
[2011/10/22 00:24:56 | 000,000,513 | ---- | M] () -- C:\Documents and Settings\Chad\Application Data\com.plutinosoft.idemo.plist
[2011/10/21 12:34:03 | 004,731,859 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\complaintforequitablerelieffiled.pdf
[2011/10/21 12:34:02 | 000,193,064 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\complainttocompelshareholdermeetingfiled.pdf
[2011/10/21 12:33:58 | 000,065,671 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\affidavitofanthonymoore.pdf
[2011/10/21 12:33:50 | 000,068,459 | ---- | M] () -- C:\Documents and Settings\Chad\Desktop\affidavitofgarypetty.pdf

========== Files Created - No Company Name ==========

[2011/11/16 22:04:48 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\MBR.dat
[2011/11/16 17:44:15 | 000,001,685 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/11/14 18:39:27 | 000,007,221 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\Free Online MMPI-2 Test and Scoring.htm
[2011/11/06 00:24:45 | 000,061,542 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\298880_2354542715738_1615311521_2344231_295436652_n.jpg
[2011/11/06 00:24:38 | 000,069,598 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\296092_2358188006868_1615311521_2347173_1587254469_n.jpg
[2011/11/06 00:24:31 | 000,060,224 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\305760_2358188846889_1615311521_2347174_1191725054_n.jpg
[2011/11/06 00:24:27 | 000,067,623 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\316983_2358194407028_1615311521_2347175_1049486392_n.jpg
[2011/11/06 00:13:10 | 000,068,009 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\298104_2358186166822_1615311521_2347167_414038111_n.jpg
[2011/11/06 00:12:51 | 000,074,368 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\302682_2358381331701_1615311521_2347270_1834447535_n.jpg
[2011/10/30 02:06:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\updateall.cfg
[2011/10/29 22:23:48 | 000,058,834 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\torquehp.html
[2011/10/27 11:40:47 | 000,000,877 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\AOCCONFIG.lnk
[2011/10/27 11:40:46 | 000,001,011 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\Age2.lnk
[2011/10/27 11:40:45 | 000,001,018 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\Empires2.lnk
[2011/10/25 02:24:40 | 000,001,549 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/10/21 12:34:02 | 000,193,064 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\complainttocompelshareholdermeetingfiled.pdf
[2011/10/21 12:33:58 | 000,065,671 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\affidavitofanthonymoore.pdf
[2011/10/21 12:33:56 | 004,731,859 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\complaintforequitablerelieffiled.pdf
[2011/10/21 12:33:53 | 000,068,459 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\affidavitofgarypetty.pdf
[2011/10/20 01:15:53 | 029,203,460 | ---- | C] () -- C:\Documents and Settings\Chad\Desktop\Pimsleur - Greek I - Lesson 01.mp3
[2011/09/17 21:37:32 | 000,514,320 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-261478415-2542434305-4085094211-1009-0.dat
[2011/09/17 21:37:31 | 000,283,230 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/09/16 02:54:48 | 000,000,513 | ---- | C] () -- C:\Documents and Settings\Chad\Application Data\com.plutinosoft.idemo.plist
[2011/09/15 23:53:13 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Chad\Application Data\winscp.rnd
[2011/08/19 15:45:47 | 000,171,896 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/07/15 01:23:37 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/03 04:24:10 | 000,062,976 | ---- | C] () -- C:\Documents and Settings\Chad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2010/05/27 23:01:19 | 000,001,045 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/05/27 22:59:45 | 000,088,576 | R--- | C] () -- C:\WINDOWS\RAUNINST.EXE
[2010/05/07 17:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010/05/07 17:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2010/05/07 13:44:36 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010/05/07 13:44:16 | 005,496,152 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010/05/07 13:44:16 | 000,102,744 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2010/05/07 13:24:46 | 000,090,071 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/05/14 12:38:36 | 000,072,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrSII1d.sys
[2009/05/14 12:38:36 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\LxrSII1s.exe
[2009/03/19 08:18:15 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\GetInst32.dll
[2009/03/18 12:23:50 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/03/18 12:23:50 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/03/18 12:23:48 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/03/18 12:23:48 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/03/18 12:23:48 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/03/18 12:23:47 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/03/18 11:56:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/03/18 11:56:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/03/18 11:56:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/03/18 11:56:35 | 000,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe
[2009/01/12 10:38:26 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009/01/12 10:38:25 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2008/12/11 15:02:35 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/10/27 12:38:20 | 013,265,184 | ---- | C] () -- C:\Program Files\dxnt.cab
[2008/10/21 06:51:19 | 000,000,036 | ---- | C] () -- C:\WINDOWS\Tiny_Run.ini
[2008/10/19 12:07:35 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\17C3E4AEA3.sys
[2008/10/19 04:45:04 | 000,006,110 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/10/19 04:45:04 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\BFB29CAF48.sys
[2008/08/17 08:39:45 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/08/17 08:22:18 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys
[2008/08/17 08:21:13 | 000,114,688 | ---- | C] () -- C:\WINDOWS\desktopset.exe
[2008/08/17 08:18:13 | 001,398,352 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\pswi_preloaded.exe
[2008/08/17 08:13:41 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/08/17 08:13:41 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/08/17 08:13:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/08/17 08:13:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/08/17 08:13:41 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/08/17 08:13:41 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/08/17 08:08:57 | 000,701,840 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2008/08/17 08:08:57 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4785.dll
[2008/08/17 08:08:49 | 000,356,352 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2008/08/17 08:06:53 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2008/08/17 08:06:33 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M2000Twn.ini
[2008/08/17 08:01:00 | 000,000,138 | ---- | C] () -- C:\WINDOWS\System32\Softkbd.exe.config
[2007/08/16 05:28:38 | 000,025,269 | ---- | C] () -- C:\WINDOWS\System32\PROCDB.INI
[2007/08/16 05:28:27 | 000,000,380 | ---- | C] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2007/08/15 06:27:18 | 000,009,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\n558.sys
[2007/02/09 14:54:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/11/11 23:50:38 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2006/11/02 22:40:12 | 000,174,656 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2006/04/30 02:31:51 | 000,004,670 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/04/30 02:22:10 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/04/30 02:19:56 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/04/30 02:10:07 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/04/30 01:55:59 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/04/30 01:55:55 | 000,530,464 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/04/30 01:55:55 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/04/30 01:55:55 | 000,098,828 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/04/30 01:55:55 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/04/30 01:55:54 | 000,004,547 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/04/30 01:55:52 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/04/30 01:55:50 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/04/30 01:55:44 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/04/30 01:55:44 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/04/30 01:55:37 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/04/30 01:55:28 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/04/29 19:04:28 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/04/29 19:03:29 | 000,266,208 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2001/11/14 14:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2008/10/08 10:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Lenovo
[2011/11/16 17:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/11/16 22:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Borland
[2011/10/06 19:25:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2008/10/21 06:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Global Software Publishing
[2011/11/11 01:34:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GlobalSCAPE
[2008/10/08 10:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lenovo
[2011/10/06 17:27:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MetaQuotes
[2011/11/17 09:42:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/12/25 11:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NeatReceipts Professional
[2009/12/25 15:57:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PAS
[2011/11/16 18:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2008/10/19 12:07:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaskMgr
[2011/07/15 02:48:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/10/06 19:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\AVG Secure Search
[2011/10/06 19:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\AVG2012
[2011/11/16 22:03:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\BitTorrent
[2011/11/13 21:51:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\com.socialbox.socialbox
[2011/11/11 00:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\DiskAid
[2011/09/03 00:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Elluminate
[2011/11/11 02:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\FileZilla
[2011/11/11 01:34:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\GlobalSCAPE
[2011/06/08 19:27:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Leadertech
[2009/05/13 20:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Lenovo
[2009/12/25 16:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Palo Alto Software
[2011/09/02 21:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Quest3D
[2011/09/02 21:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Roaming
[2011/10/20 23:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\Spotify
[2011/10/22 00:32:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\TuneAid
[2008/10/08 10:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Lenovo
[2008/10/08 10:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Joyce\Application Data\Lenovo
[2009/03/18 11:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\aAvgApi
[2011/10/12 14:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\AVG2012
[2008/10/19 12:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Hoyle FaceCreator
[2010/10/27 12:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Hoyle Puzzle and Board Games
[2008/12/10 09:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\InterVideo
[2008/10/15 01:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Leadertech
[2008/10/08 10:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Lenovo
[2009/12/25 15:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Palo Alto Software
[2011/06/03 08:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\PriceGong
[2009/06/02 18:01:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Runes of Avalon
[2011/11/16 17:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User.LENOVO-7BC18E34\Application Data\AVG2012
[2008/10/08 10:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User.LENOVO-7BC18E34\Application Data\Lenovo
[2011/11/16 23:47:00 | 000,000,972 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009Core.job
[2011/11/17 14:47:20 | 000,000,994 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-261478415-2542434305-4085094211-1009UA.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004/08/04 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 07:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2005/04/01 13:19:51 | 000,502,784 | ---- | M] (Microsoft Corporation) MD5=986EC72D788E00E8E397B7BB7F5A9E45 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/08/17 07:21:24 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/08/17 07:21:24 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/08/17 07:21:24 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\IEXPLORE.EXE" [2011/08/17 06:01:37 | 000,634,632 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Chad\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/08/17 07:21:24 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/08/17 07:21:24 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/08/17 07:21:24 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\IEXPLORE.EXE" [2011/08/17 06:01:37 | 000,634,632 | ---- | M] (Microsoft Corporation)

< C:\Windows\assembly\tmp\U\*.* /s >

< End of report >


OTL Extras logfile created on: 11/17/2011 4:11:35 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Chad\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 2.21 Gb Available Physical Memory | 73.91% Memory free
4.83 Gb Paging File | 3.85 Gb Available in Paging File | 79.75% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.12 Gb Total Space | 10.52 Gb Free Space | 7.35% Space Free | Partition Type: NTFS
Drive E: | 572.55 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LENOVO-7BC18E34 | User Name: Chad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Vid\Vid.exe" = C:\Program Files\Logitech\Vid\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Documents and Settings\Chad\My Documents\Downloads\Spotify Installer.exe" = C:\Documents and Settings\Chad\My Documents\Downloads\Spotify Installer.exe:*:Enabled:Spotify
"C:\Documents and Settings\Chad\My Documents\Downloads\Spotify Installer (1).exe" = C:\Documents and Settings\Chad\My Documents\Downloads\Spotify Installer (1).exe:*:Enabled:Spotify
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Documents and Settings\Chad\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Chad\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{16D0F2D2-242C-4885-BEF1-4B1655C141AE}" = Bing Bar
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 12
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4447D5B5-95ED-4C4D-A9C3-1D8E892D5377}" = AVG 2012
"{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = Integrated Camera
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5CA3501B-7297-48C1-B192-08A2275D327A}" = Global Trading System Pro
"{6280149E-EFF3-4F1B-BD43-5B7EDD6F620A}" = Lenovo Care Supplement
"{65706020-7B6F-41F2-8047-FC69579E386A}" = Presentation Director
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71D74FCD-8DB9-4BEB-9C9D-1D19F2E02AE3}" = Microsoft Report Viewer Redistributable 2005
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79D56DFD-D28E-4289-BED2-32A6342A305B}" = Corel Business Center
"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections
"{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}" = InterVideo WinDVD Creator 3
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91789CDD-E83A-4186-B436-AA7A588679FD}" = NeatReceipts Database Controller
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{98BD9EA5-2DF2-445C-8C8D-057F55B3C633}" = AVG 2012
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CF7DEC7-D521-46FB-A0BA-032A13FD81AF}" = SmartAudio
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92B6797-9C07-4E25-AD96-29087D3A2AC2}" = TouchCopy 09
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B334D9AE-1393-423E-97C0-3BDC3360E692}" = Sonic Icons for Lenovo
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}" = XP Themes
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF52099A-3BEA-4C41-AEA8-1E190F04D737}" = Lenovo Care
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}" = Wallpapers
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E6707034-D7A4-49B1-94D0-F5AACE46F06C}" = InterVideo InstantON (remove only)
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EA5911C2-1FE1-4F3E-805C-AA432A19C6EA}" = PM Agent V1.0.0.8
"{EC422FB2-9F4D-4FB1-A5CE-5F741132EBC5}" = Lenovo Fingerprint Software
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F151F2B3-0C32-44D3-90E2-E639B8024622}" = Rescue and Recovery
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Age Of Empires 2 & The Conquerors Expansion - Full Game" = Age Of Empires 2 & The Conquerors Expansion - Full Game
"ATT-PRT22" = ATT-PRT22
"AVG" = AVG 2012
"AVG Secure Search" = AVG Security Toolbar
"AwayTask" = Maintenance Manager
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CCleaner" = CCleaner (remove only)
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_PCI_VEN_14F1&DEV_5045&SUBSYS_17AA3C19" = Soft Data Fax Modem with SmartCP
"Digital Media LE" = Roxio Digital Media LE
"FileZilla Client" = FileZilla Client 3.5.2
"HDMI" = Intel® Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"Kali II" = Kali II
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.4.2 (Full)
"Lenovo Registration" = Lenovo Registration
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Report Viewer Redistributable 2005" = Microsoft Report Viewer Redistributable 2005
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OnScreenDisplay" = On Screen Display
"PCMCIAPW" = ThinkPad PC Card Power Policy
"Picasa2" = Picasa 2
"ProInst" = Intel® PROSet/Wireless Software
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The Adventures of Zak McKracken" = The Adventures of Zak McKracken
"vGrabber" = vGrabber
"VLC media player" = VLC media player 1.1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"winscp3_is1" = WinSCP 4.3.4
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WOLAPI" = Westwood Shared Internet Components
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZC2.10w" = Zelda Classic 2.10w

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/7/2011 12:58:41 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/7/2011 12:58:41 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5193125

Error - 11/7/2011 12:58:41 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5193125

Error - 11/7/2011 12:58:43 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/7/2011 12:58:43 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5195297

Error - 11/7/2011 12:58:43 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5195297

Error - 11/7/2011 12:58:45 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/7/2011 12:58:45 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5197453

Error - 11/7/2011 12:58:45 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5197453

Error - 11/7/2011 12:58:47 AM | Computer Name = LENOVO-7BC18E34 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

[ System Events ]
Error - 11/17/2011 4:53:36 PM | Computer Name = LENOVO-7BC18E34 | Source = Service Control Manager | ID = 7034
Description = The Intel® PROSet/Wireless Registry Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 11/17/2011 4:53:36 PM | Computer Name = LENOVO-7BC18E34 | Source = Service Control Manager | ID = 7034
Description = The ThinkVantage Registry Monitor Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 11/17/2011 4:53:36 PM | Computer Name = LENOVO-7BC18E34 | Source = Service Control Manager | ID = 7034
Description = The TVT Backup Protection Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 11/17/2011 4:53:36 PM | Computer Name = LENOVO-7BC18E34 | Source = Service Control Manager | ID = 7034
Description = The TVT Backup Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 11/17/2011 4:53:36 PM | Computer Name = LENOVO-7BC18E34 | Source = Service Control Manager | ID = 7034
Description = The vToolbarUpdater service terminated unexpectedly. It has done
this 1 time(s).

Error - 11/17/2011 4:53:36 PM | Computer Name = LENOVO-7BC18E34 | Source = Service Control Manager | ID = 7034
Description = The TVT Scheduler service terminated unexpectedly. It has done this
1 time(s).

Error - 11/17/2011 4:53:36 PM | Computer Name = LENOVO-7BC18E34 | Source = Service Control Manager | ID = 7034
Description = The WisFnCtrlSvc service terminated unexpectedly. It has done this
1 time(s).

Error - 11/17/2011 4:53:36 PM | Computer Name = LENOVO-7BC18E34 | Source = Service Control Manager | ID = 7034
Description = The System Update service terminated unexpectedly. It has done this
1 time(s).

Error - 11/17/2011 4:53:36 PM | Computer Name = LENOVO-7BC18E34 | Source = Service Control Manager | ID = 7031
Description = The Access Connections Main Service service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
60000 milliseconds: Restart the service.

Error - 11/17/2011 5:00:38 PM | Computer Name = LENOVO-7BC18E34 | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{416E8471-F1FA-4624-94F1-351DCA42CF15}. The
backup browser is stopping.


< End of report >




Seems to be running a lot better!

#6
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Step 1.

OTL Fix


We need to run an OTL Fix

  • Please reopen OTL on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.

    :OTL
    IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
    IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.co...me/3000notebook [binary data]
    IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.co...me/3000notebook [binary data]
    [2011/11/16 22:03:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad\Application Data\BitTorrent
    
    
    :files
    ipconfig /flushdns /c
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [Reboot]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.

Step 2.

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.


Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



Step 3.

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use. You should have it still installed for FireFox.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Run ESET Online Scan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
  • ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


Step 4.

Security Check
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.




Step 5.

Please Post:

OTL fix log
mbam log
ESET log
checkup.txt


How is the computer performing now?

#7
Chad Oneal

    Member

  • Topic Starter
  • Member
  • 45 posts
All processes killed
========== OTL ==========
HKU\S-1-5-21-261478415-2542434305-4085094211-1009\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Restore| /E : value set successfully!
Unable to set value : HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E!
Unable to set value : HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E!
Unable to set value : HKU\S-1-5-21-261478415-2542434305-4085094211-1013\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E!
C:\Documents and Settings\Chad\Application Data\BitTorrent\dlimagecache folder moved successfully.
C:\Documents and Settings\Chad\Application Data\BitTorrent\apps folder moved successfully.
C:\Documents and Settings\Chad\Application Data\BitTorrent folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Chad\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Chad\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Chad
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 36876 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 19860345 bytes
->Flash cache emptied: 684 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Joyce
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: User.LENOVO-7BC18E34
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 14352 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 19.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Chad
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Joyce

User: LocalService

User: NetworkService

User: User
->Flash cache emptied: 0 bytes

User: User.LENOVO-7BC18E34
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 11172011_234204

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...




Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8190

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

11/18/2011 4:17:23 PM
mbam-log-2011-11-18 (16-17-23).txt

Scan type: Quick scan
Objects scanned: 229397
Time elapsed: 4 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



[email protected] as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.17103 (vista_gdr.110816-1000)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=8d9655ab1bdaf841994eb11ea8df0110
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-18 10:20:06
# local_time=2011-11-18 05:20:06 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1024 16777215 100 0 2782919 2782919 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=88510
# found=2
# cleaned=2
# scan_time=3232
C:\System Volume Information\_restore{A8393674-085C-4723-B63E-39928C5F4C89}\RP355\A0054165.dll a variant of Win32/Toolbar.Zugo application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{A8393674-085C-4723-B63E-39928C5F4C89}\RP355\A0054166.exe a variant of Win32/Toolbar.Zugo application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C


Results of screen317's Security Check version 0.99.28
Windows XP Service Pack 3 x86
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Disabled!
AVG 2012
AVG Security Toolbar
AVG 2012
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
CCleaner (remove only)
Java™ 6 Update 12
Java version out of date!
Adobe Reader 9 (Adobe Reader out of date!)
````````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
``````````End of Log````````````


Computer is running great, thank you.

#8
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Step 1.

Windows Repair Tool

Download Windows Repair (all in one) from this site

Install the program then run

Go to step 2 and allow it to run Disc check


Once that is done then go to step 3 and allow it to run SFC


On the start repairs tab select advanced mode and click start

Remove the check marks so that it looks like this:
Posted Image

Add a check mark for Restart System When Finished

Then click Start



Step 2.

Update Java:

Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to clear the Java Cache, remove older version Java components, and update:

Clear your Java Cache
  • Click on Start-> Control Panel (Classic View)-> Java (looks like a coffee cup)
  • On the General tab, under Temporary Internet Files, click the Settings button.
  • Next, click on the Delete Files button
  • There are two options in the window to clear the cache - Leave BOTH Checked
      Applications and Applets
      Trace and Log Files
  • Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
  • Click OK to leave the Temporary Files Window
  • Click OK to leave the Java Control Panel.

Uninstall old Java versions

Please download JavaRa to your desktop and unzip it to its own folder.
Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.

Download Current Version of Java
  • Download the latest version of Java Runtime Environment (JRE) Version 7 u1 and save it to your desktop.
  • Scroll down to where it says "Java SE 7 u1".
  • Click the "Download" button to the right for JRE.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Click on the link to download Windows Offline Installation, jre-7u1-windows-i586.exe and save the file to your desktop.

Install New Java
  • Then from your desktop double-click on jre-7u1-windows-i586.exe to install the newest version.



Step 3.

Your Internet Explorer is out of date.

Please go to Start > All Programs > Microsoft Update.

Select Custom. When the install options come up, install all critical and then do the Internet Explorer update all the way up to version 8 as well.

Newer version 8.0 has better security and additional features some sites now take advantage of for the user, plus it is integral to Windows - so updating IE also updates Windows!!


Step 4.

Are there any issues remaining?